cwinfo/powerdns-admin
4
0
Fork 0
mirror of https://github.com/cwinfo/powerdns-admin.git synced 2025-07-02 04:16:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix csrf configuration

Browse Source 
CSRF has been initialized *before* the app config was fully read. That
made it impossible to configure CSRF properly. Moved the CSRF init into
the routes module, and switched from programmatic to decorated
exemptions. GET routes don't need to be exempted because they are by
default.
This commit is contained in:
corubba
2022-05-27 12:53:19 +02:00
parent 2c0225e961
commit 3e462dab17
5 changed files with 31 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
powerdnsadmin/routes/base.py
View File

@ -1,9 +1,13 @@
import base64
from flask import render_template, url_for, redirect, session, request, current_app
from flask_login import LoginManager
from flask_seasurf import SeaSurf
from ..models.user import User
csrf = SeaSurf()
login_manager = LoginManager()