rattail/tailbone
2
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

Add global CSRF protection

Browse source
This commit is contained in:
Lance Edgar 2016-12-14 18:37:17 -06:00
parent ab09314ed3
commit 4ed522ae47
15 changed files with 28 additions and 22 deletions
Download patch file Download diff file Expand all files Collapse all files

3
tailbone/app.py
View file

@ -129,6 +129,9 @@ def make_pyramid_config(settings):
config.set_authentication_policy(SessionAuthenticationPolicy())
config.set_authorization_policy(TailboneAuthorizationPolicy())
# always require CSRF token protection
config.set_default_csrf_options(require_csrf=True, token='_csrf')
# Bring in some Pyramid goodies.
config.include('pyramid_beaker')
config.include('pyramid_mako')