search

maxcountryman / flask-seasurf

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).
http://readthedocs.org/docs/flask-seasurf/
Other
190 stars 49 forks source link

option to disable Referer check #57

Closed alanhamlett closed 8 years ago

alanhamlett commented 8 years ago

Fixes #46.

Adds a new Flask app config CSRF_CHECK_REFERER which defaults to True.

Adds one new test for CSRF_CHECK_REFERER set to False to make sure a request succeeds when the Referer header is invalid.

maxcountryman commented 8 years ago

Very nice!