Look for CSRF token in the JSON data

maxcountryman / flask-seasurf

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

http://readthedocs.org/docs/flask-seasurf/

Other

190 stars 49 forks source link

Look for CSRF token in the JSON data #41

Closed cybertoast closed 10 years ago

cybertoast commented 10 years ago

CSRF token is generally provided in form data, but could just as easily (and sometimes more conveniently) be provided in the JSON data.

maxcountryman commented 10 years ago

Thanks! Mind adding a test for this?

cybertoast commented 10 years ago

Will do. Hold off on that pull request and I'll add another with a test. On Nov 9, 2013 1:44 PM, "Max Countryman" notifications@github.com wrote:

Thanks! Mind adding a test for this?

— Reply to this email directly or view it on GitHubhttps://github.com/maxcountryman/flask-seasurf/pull/41#issuecomment-28133832 .

cybertoast commented 10 years ago

Ok I think it's good to pull now. Let me know if you see any issues with the tests please.

maxcountryman commented 10 years ago

Sorry for the delay; merged as: a0a2cde5eae286d03a5c7552ccc0375de69d0e64.