flask-wtf
flask-wtf copied to clipboard
wtforms
Simple integration of Flask and WTForms, including CSRF, file upload and Recaptcha integration.
Flask 2.0 feature of parent and child blueprint is a feature to support building both API and app on the same flask app instance but not being being apple to...
Hello, I am extending the FlaskForm object in my form. The form doesn't successfully validate, here are the commands and their output. These commands are run within the route: ```...
I'm using Flask as an API and ReactJS for my front-end, and followed the [CSRF Protection Docs with Javascript Requests (Axios)](https://flask-wtf.readthedocs.io/en/0.15.x/csrf/#javascript-requests). #### Please follow my Init App file to see...
Bump into this error when I run `pipenv run hypercorn --reload --quic-bind 0.0.0.0:4433 --certfile server.crt --keyfile server.key --bind 0.0.0.0:8080 src.main:app`: ``` File "/usr/src/PythonRestAPI/src/main.py", line 5, in from flask_wtf.csrf import CSRFProtect,...
The `flask_wtf.file.FileAllowed` validator is very useful to validate the extension of an uploaded file, however, it is also important to validate the MIME type of the files as a user...
When adding `csrf.exempt` on a blueprint that has a child blueprint, it only works on the parent blueprint. ``` bp_main = Blueprint('main', __name__) csrf.exempt(bp_main) bp_child = Bluepirnt('child', __name__) bp_main.register_blueprint(bp_child) ```
For more secure CSP rules FlaskWTF reCAPTCHA should allow providing `nonce` when using reCAPTCHA and include that `nonce` in the script tag which loads api.js. More information: https://developers.google.com/recaptcha/docs/faq#im-using-content-security-policy-csp-on-my-website-how-can-i-configure-it-to-work-with-recaptcha
I've noticed that when enabling 'REMEMBER_COOKIE_HTTPONLY' within the config dict, it causes "The CSRF tokens do not match" in a POST request specifically for mobile Firefox. ~~Non-mobile works just fine,...
Hi there, is there a way to add an empty option to a Selectfield ? The only way I found is to add this to the choices before your actual...
### Actual Behavior Everything works fine when the user is logged in, `400 Bad Request` happens when I try to log the user in... same behavior is when I try...
