deeplake
deeplake copied to clipboard
Add CSRFProtect to flask
🚀 🚀 Pull Request
Impact
- [X] Bug fix (non-breaking change which fixes expected existing functionality)
- [ ] Enhancement/New feature (adds functionality without impacting existing logic)
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
Description
By default, Flask does not protect form a cross-site request forgery attack. This PR adds the CSRFProtect module as suggested by https://sonarcloud.io/organizations/activeloopai/rules?open=python%3AS4502&rule_key=python%3AS4502
Things to be aware of
Is our usage of Flask worth adding this in for? We could just mark it as not a problem in sonar. At the same time, I don't think it adds much overhead, so seems fine to add to be safe?
Things to worry about
Will adding this break existing ways we use the flask server?