This repository was archived by the owner on Feb 27, 2023. It is now read-only.

Cross-Site Request Forgery Vulnerability #8

@MoralCode

Due to various reasons such as limited development time and the demonstration nature of the project, Cross-Site Request Forgery protection was not implemented in this project.

I was looking into implementing Flask-WTF to provide this protection, but it requires a significant rewrite of the application. I am hoping to leave this here to inform anyone who plans to make use of this codebase so that any derivative projects are aware of this vulnerability and can fix it before actually handling real-world user data.

What is CSRF?
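
For derivative projects, a sketch of the signed per-session token pattern commonly used for CSRF protection, written with only the Python standard library. This is an added example, not code from this repository or from Flask-WTF; `issue_token`, `verify_token`, `allow_request`, the key handling and the session identifiers are hypothetical.

```python
import hashlib
import hmac
import secrets
import time
from typing import Optional

# Constructed per-process key (assumption); a real app loads a stable secret from config.
SECRET_KEY = secrets.token_bytes(32)
TOKEN_TTL = 3600  # seconds a token stays valid
SAFE_METHODS = {"GET", "HEAD", "OPTIONS", "TRACE"}


def _sign(session_id: str, issued: int) -> str:
    # The MAC covers the session id, so a token is useless in any other session.
    msg = f"{session_id}|{issued}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_token(session_id: str, now: Optional[float] = None) -> str:
    """Token to embed in a hidden form field or custom request header."""
    issued = int(time.time() if now is None else now)
    return f"{issued}.{_sign(session_id, issued)}"


def verify_token(session_id: str, token: Optional[str],
                 now: Optional[float] = None) -> bool:
    """True only for an unexpired token that was issued for this session."""
    if not token or "." not in token:
        return False
    issued_str, mac = token.split(".", 1)
    if not (issued_str.isascii() and issued_str.isdigit()):
        return False
    issued = int(issued_str)
    current = time.time() if now is None else now
    if not 0 <= current - issued <= TOKEN_TTL:
        return False
    # Compare as bytes in constant time; also tolerates non-ASCII input.
    return hmac.compare_digest(mac.encode(), _sign(session_id, issued).encode())


def allow_request(method: str, session_id: str,
                  submitted_token: Optional[str]) -> bool:
    """Gate to run before any view: state-changing methods need a valid token."""
    if method.upper() in SAFE_METHODS:
        return True
    return verify_token(session_id, submitted_token)
```

The gate only helps if safe methods never change state, so any GET route that modifies data has to move to POST first.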
