Do not allow Werkzeug to be used in production by default (Fixes #1814)

miguelgrinberg · May 22, 2022 · e35a0f4 · e35a0f4
1 parent c0152fd
commit e35a0f4
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/src/flask_socketio/__init__.py b/src/flask_socketio/__init__.py
@@ -536,6 +536,10 @@ def run(self, app, host=None, port=None, **kwargs):  # pragma: no cover
                            Defaults to ``True`` in debug mode, ``False``
                            in normal mode. Unused when the threading async
                            mode is used.
+        :param allow_unsafe_werkzeug: Set to ``True`` to allow the use of the
+                                      Werkzeug web server in a production
+                                      setting. Default is ``False``. Set to
+                                      ``True`` at your own risk.
         :param kwargs: Additional web server options. The web server options
                        are specific to the server used in each of the supported
                        async modes. Note that options provided here will
@@ -593,6 +597,20 @@ def run(self, app, host=None, port=None, **kwargs):  # pragma: no cover
                 from werkzeug._internal import _log
                 _log('warning', 'WebSocket transport not available. Install '
                                 'simple-websocket for improved performance.')
+            if not sys.stdin or not sys.stdin.isatty():  # pragma: no cover
+                allow_unsafe_werkzeug = kwargs.pop('allow_unsafe_werkzeug',
+                                                   False)
+                if not allow_unsafe_werkzeug:
+                    raise RuntimeError('The Werkzeug web server is not '
+                                       'designed to run in production. Pass '
+                                       'allow_unsafe_werkzeug=True to the '
+                                       'run() method to disable this error.')
+                else:
+                    from werkzeug._internal import _log
+                    _log('warning', ('Werkzeug appears to be used in a '
+                                     'production deployment. Consider '
+                                     'switching to a production web server '
+                                     'instead.'))
             app.run(host=host, port=port, threaded=True,
                     use_reloader=use_reloader, **reloader_options, **kwargs)
         elif self.server.eio.async_mode == 'eventlet':