Generating A Csrf Token Manually With Flask Wtf-forms
I'd like to create and fill out a Flask WTF-Form using only python code. However, the form doesn't automatically generate a CSRF token when I create it with python code. Is there
Solution 1:
You'd be effectively disabling CSRF protection by generating and passing a token to the form locally. It's only effective when the user submits a previously generated token.
Since you're not using CSRF protection, disable it. You can also pass request.args
as the source of data.
form = URLForm(request.args, csrf_enabled=False)
If you want to use CSRF for this form, then the form needs to send the csrf_token
field, which can be rendered with {{ form.csrf_token }}
or {{ form.hidden_tag() }}
.
Solution 2:
In newest version of flask_wtf (0.14.2) you can disable csrf token in this way.
form = URLForm(request.args, meta={'csrf': False})
Post a Comment for "Generating A Csrf Token Manually With Flask Wtf-forms"