deeplake icon indicating copy to clipboard operation
deeplake copied to clipboard

Published 20 hours ago verified publisher icon activeloopai

Add CSRFProtect to flask

Open nvoxland opened this issue 11 months ago • 0 comments

🚀 🚀 Pull Request

Impact

  • [X] Bug fix (non-breaking change which fixes expected existing functionality)
  • [ ] Enhancement/New feature (adds functionality without impacting existing logic)
  • [ ] Breaking change (fix or feature that would cause existing functionality to change)

Description

By default, Flask does not protect form a cross-site request forgery attack. This PR adds the CSRFProtect module as suggested by https://sonarcloud.io/organizations/activeloopai/rules?open=python%3AS4502&rule_key=python%3AS4502

Things to be aware of

Is our usage of Flask worth adding this in for? We could just mark it as not a problem in sonar. At the same time, I don't think it adds much overhead, so seems fine to add to be safe?

Things to worry about

Will adding this break existing ways we use the flask server?

nvoxland avatar Jul 17 '23 18:07 nvoxland