maxcountryman/flask-seasurf

Stars
190
Rank 203,089 (Top 5 %)
Language
Python
License
Other
Created almost 13 years ago
Updated 11 months ago

maxcountryman/flask-seasurf

maxcountryman

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

Flask-SeaSurf

SeaSurf is a Flask extension for preventing cross-site request forgery (CSRF).

CSRF vulnerabilities have been found in large and popular sites such as YouTube. These attacks are problematic because the mechanism they use is relatively easy to exploit. This extension attempts to aid you in securing your application from such attacks.

This extension is based on the excellent Django middleware.

Installation

Install the extension with one of the following commands:

$ easy_install flask-seasurf

or alternatively if you have pip installed:

$ pip install flask-seasurf

Usage

Using SeaSurf is fairly straightforward. Begin by importing the extension and then passing your application object back to the extension, like this:

from flask_seasurf import SeaSurf
csrf = SeaSurf(app)

Documentation

The Sphinx-compiled documentation is available here: https://flask-seasurf.readthedocs.io/

flask-login

Flask user session management.

axum-login

🪪 User identification, authentication, and authorization for Axum.

flask-bcrypt

Flask-Bcrypt is a Flask extension that provides bcrypt hashing utilities for your application.

tower-sessions

🥠 Sessions as a `tower` and `axum` middleware.

flask-uploads

File uploads for Flask.

logmon

Realtime log reader in Flask

flake

Decentralized, k-ordered unique IDs in Clojure

atomos

Atomic primitives for Python.

warc-parquet

🗄️ A simple CLI for converting WARC to Parquet.

axum-sessions

🥠 Cookie-based sessions for Axum via async-session.

aquamarine

A demo of zero-downtime deploys with Docker Compose and Traefik

irctk

A simple framework for writing IRC applications

quanta

Distributed CRDT of sparse integer vectors.

forma

🐚 An opinionated SQL formatter.

axum-messages

🛎️ One-time notification messages for Axum.

tower-sessions-stores

🚃 Previously bundled session stores for `tower-sessions`.

hyperlight

A performance-focused HTTP reverse proxy

flask-themes

cryptotrade

A simple Python API wrapper for Bitcoin trading platforms such as MtGox and TradeHill

flog

A blog written with Flask

flask-wepay

A Flask wrapper for WePay's Python API

blizzard

HTTP unique ID generation service

st

Fast and simple statistics on the command line.

markov-domains

Finds available domains using Markov chains.

nautilus

User authentication and management service

yelp-api

A wrapper for Yelp's public API

affinis

An IRC library for Clojure.

wtforms

rauth

A Python library for OAuth 1.0/a, 2.0, and Ofly

simpleirc

An IRC connection layer written in Python.

headers-accept

🤝 The missing `Accept` implementation for `headers::Header`.

pyxine-branch

Branch of the Python extension for xine

fluyt

ClojureScript HTTP requests

cozy

A modern Node API template for the weary traveller

ewt

dotfiles

Development environment configuration files.

flask-simpleoauth

A dead simple OAuth 1.0a provider in Flask

simpleoauth

Simple, correct OAuth 1.0 and 2.0 signing methods.

kaa

Kaa is the resident IRC bot on VoxInfinitus, written with IrcTK

voxinfinitus

Basic Django apps providing CMS and blog functionality for Voxi

mage

A Clojure-like Lisp.

tasker

simple task manager

ChatOnMacWebAPI-Swift

chatter

Chatter is a quick and dirty realtime chat application written in Flask

bitpit-https-bridge

A simple Flask app to bridge the unsecured service with a secured page

conceptis.org

My personal site and blog

primes

A simple Clojure program for generating a multiplication table of primes

konvej

Httpbin in Clojure.

atrium

HTTP Authentication Service

clasp

A dead simple routing DSL for Clojure's ring.

celeb

Incomplete Flask gallery project, now abandoned

accord

A simple OAuth 1.0/a, 2.0 consumer client for Clojure.

locksmithing

Lock-free, concurrent data structure experiments.