Flask Framework Cookbook

You're reading from Flask Framework Cookbook: Enhance your Flask skills with advanced techniques and build dynamic, responsive web applications

Product type: Paperback
Published in: Jul 2023
Publisher: Packt
ISBN-13: 9781804611104
Length: 318 pages
Edition: 3rd Edition
Author: Shalabh Aggarwal
Table of Contents (20)

Preface
1. Part 1: Flask Fundamentals
2. Chapter 1: Flask Configurations
3. Chapter 2: Templating with Jinja
4. Chapter 3: Data Modeling in Flask
5. Chapter 4: Working with Views
6. Part 2: Flask Deep Dive
7. Chapter 5: Web Forms with WTForms
8. Chapter 6: Authenticating in Flask
9. Chapter 7: RESTful API Building
10. Chapter 8: Admin Interface for Flask Apps
11. Chapter 9: Internationalization and Localization
12. Part 3: Advanced Flask
13. Chapter 10: Debugging, Error Handling, and Testing
14. Chapter 11: Deployment and Post-Deployment
15. Chapter 12: Microservices and Containers
16. Chapter 13: GPT with Flask
17. Chapter 14: Additional Tips and Tricks
18. Index
19. Other Books You May Enjoy

Protecting applications from CSRF

In the first recipe of this chapter, we learned that CSRF is an important part of web form security. We will now look at it more closely. CSRF basically means that someone can forge a request that carries the user's cookie and use it to trigger a destructive action. We won't discuss CSRF in detail here, since ample resources are available on the internet to learn about it. Instead, we will talk about how WTForms helps us to prevent CSRF. Flask does not provide any protection against CSRF by default, as this has to be handled at the form-validation level, which is not a core feature of Flask as a framework. However, in this recipe, we will see how this can be done for us by using the Flask-WTF extension.

Information

More information about CSRF can be found at https://owasp.org/www-community/attacks/csrf.

How to do it...

Flask-WTF, by default, provides a form that is CSRF-protected. If we have a look at the recipes so far, we can see that...
