Erik Taubeneck

icon indicating a website link skien.cc

icon company Facebook icon location Seattle, WA

Results 31 comments of Erik Taubeneck

Logout view is not idempotent and vulnerable to CSRF

So I'd recommend using the `CSRF_ENABLED` flag that [Flask-WTF](https://flask-wtf.readthedocs.org/en/latest/csrf.html) creates when you use `CsrfProtect(app)`. I think it's fair enough to assume that if a user is using this extension, they...