SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).
Python
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
docs Merge pull request #78 from simon04/feat-cookie-path Sep 29, 2017
.gitignore adding theme submodule Jun 28, 2013
.gitmodules
.travis.yml
LICENSE first commit Dec 6, 2011
MANIFEST.in add manifest file to fix #61 Oct 3, 2017
README.markdown flask.ext namespace is depreciated (#69) Sep 28, 2017
flask_seasurf.py test: generate_token using mocking Oct 2, 2017
setup.py Added Python 3 classifier to setup.py Sep 16, 2016
test_seasurf.py test: generate_token using mocking Oct 2, 2017

README.markdown

Flask-SeaSurf

build status

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

CSRF vulnerabilities have been found in large and popular sites such as YouTube. These attacks are problematic because the mechanism they use is relatively easy to exploit. This extension attempts to aid you in securing your application from such attacks.

This extension is based on the excellent Django middleware.

Installation

Install the extension with one of the following commands:

$ easy_install flask-seasurf

or alternatively if you have pip installed:

$ pip install flask-seasurf

Usage

Using SeaSurf is fairly straightforward. Begin by importing the extension and then passing your application object back to the extension, like this:

from flask_seasurf import SeaSurf
csrf = SeaSurf(app)

Documentation

The Sphinx-compiled documentation is available here: http://packages.python.org/Flask-SeaSurf/