Re: [flask] CSRF
- From:
- danjac354@gmail.com
- Date:
- 2011-02-10 @ 13:28
Not if you use Flask-WTF, as it uses CSRF anyway.
You may however be using a web service or AJAX query that doesn't use
forms, in which case Flask-CSRF by itself may be handy (or, if you are
not using WTF but another form validation system).
Hopefully CSRF will become a part of Flask core for security reasons,
rather than delegating to extensions.
On 10 February 2011 13:25, Louis Wu <waveyus@yahoo.com> wrote:
> If I use CSRF in Flask-WTF, is there any circumstance I also need to use
> Flask-CSRF extension?
> Thanks.
>