-
Andrew Grigorev authored
Current SecureForm implementation generates CSRF secret using `os.urandom()` every time when application start up. CSRF secret is used to calculate csrf_token check value, so if someone would use a command similar to gunicorn --workers=8 app to run his flask-admin app on production then most form submissions would silently fail (silently - as for now, it is probably another one bug). Instead of custom `os.urandom()` logic the `app.secret_key` value should be used to produce CSRF token values.db21a600
| Name |
Last commit
|
Last update |
|---|---|---|
| .. | ||
| contrib | ||
| form | ||
| model | ||
| static | ||
| templates | ||
| tests | ||
| translations | ||
| __init__.py | ||
| _backwards.py | ||
| _compat.py | ||
| actions.py | ||
| babel.py | ||
| base.py | ||
| consts.py | ||
| helpers.py | ||
| menu.py | ||
| tools.py |