search

Danangjoyoo / flask-http-middleware

Flask HTTP Middleware with starlette's (FastAPI) BaseHTTPMiddleware style
MIT License
12 stars 1 forks source link

Middleware breaks flask_wtf.csrf #8

Open P-T-I opened 11 months ago

P-T-I commented 11 months ago

Using the very basic of middlewares:

class MetricsMiddleware(BaseHTTPMiddleware):
    def __init__(self):
        super().__init__()

    def dispatch(self, request, call_next):
        response = call_next(request)
        return response

CSRF tokens do no longer match and effectively disables the proper functionality of the app. using: flask==2.3.3 Werkzeug~=2.3.7 flask-login~=0.6.2 flask-wtf~=1.2.1 WTForms~=3.1.0

Any pointers?

danjoyboy commented 11 months ago

Hi @P-T-I I think this one is similar with #4 can you please try it?

P-T-I commented 11 months ago

@danjoyboy Thanks for your reply; I checked that issue; but I believe mine is different; the CSRF protection if not something that is enforced by another type of middleware that is overwritten.