import os

from flask import Flask, render_template, request
from flask_dropzone import Dropzone
from flask_wtf.csrf import CSRFProtect, CSRFError
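# Absolute path of the directory that holds this script; the upload folder
# configured below lives beneath it.
basedir = os.path.abspath(os.path.dirname(__file__))

app = Flask(__name__)

app.config.update(
    # The secret key used to generate the CSRF token. 'dev key' is a publicly
    # known placeholder, so anyone who knows it can forge tokens; set
    # SECRET_KEY in the environment wherever other people can reach the app.
    SECRET_KEY=os.environ.get('SECRET_KEY', 'dev key'),
    # Directory that upload() writes received files into.
    UPLOADED_PATH=os.path.join(basedir, 'uploads'),
    # Server-side cap on the request body. Constructed value: a little above
    # the 3 MB Dropzone limit below, leaving room for multipart overhead.
    MAX_CONTENT_LENGTH=4 * 1024 * 1024,
    # Flask-Dropzone config. These limits are applied by the Dropzone widget
    # in the browser, so a client that posts to the endpoint directly is not
    # bound by them; the server has to validate uploads itself.
    DROPZONE_ALLOWED_FILE_TYPE='image',
    DROPZONE_MAX_FILE_SIZE=3,
    DROPZONE_MAX_FILES=30,
    DROPZONE_ENABLE_CSRF=True,  # enable CSRF protection
)

dropzone = Dropzone(app)
csrf = CSRFProtect(app)  # initialize CSRFProtect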
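@app.route('/', methods=['POST', 'GET'])
def upload():
    """Render the Dropzone page on GET and store one uploaded file on POST.

    The file is read from the ``file`` form field and written into the
    directory configured as ``UPLOADED_PATH``.

    Returns:
        The rendered ``index.html`` page, or a ``(message, 400)`` pair when
        the request carries no file or the file name is not acceptable.
    """
    if request.method == 'POST':
        f = request.files.get('file')
        # request.files.get() returns None when the field is absent; without
        # this guard the handler fails with an AttributeError (HTTP 500).
        if f is None or not f.filename:
            return 'No file was uploaded.', 400

        # f.filename is chosen by the client and may contain directory
        # components ('../', an absolute path, backslashes). Keep only the
        # final path component so the file cannot be written outside the
        # upload directory. werkzeug.utils.secure_filename is the usual
        # helper for this when Werkzeug is imported directly.
        filename = os.path.basename(f.filename.replace('\\', '/'))
        if filename in ('', '.', '..') or '\x00' in filename:
            return 'Invalid file name.', 400

        # Defence in depth: resolve the final path (following symlinks) and
        # refuse it unless it sits directly inside the upload directory.
        upload_dir = os.path.realpath(app.config['UPLOADED_PATH'])
        target = os.path.realpath(os.path.join(upload_dir, filename))
        if os.path.dirname(target) != upload_dir:
            return 'Invalid file name.', 400

        # NOTE(review): the content is not checked to be an image here, and
        # an existing file with the same name is overwritten; the Dropzone
        # type and count limits are applied in the browser only.
        f.save(target)
    return render_template('index.html')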
# handle CSRF error
@app.errorhandler(CSRFError)
def csrf_error(e):
    """Answer a failed CSRF check with the error's description and HTTP 400.

    Args:
        e: The CSRFError raised for the rejected request.

    Returns:
        A ``(body, status)`` pair: the error description and status 400.
    """
    status_code = 400
    message = e.description
    return message, status_code
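if __name__ == '__main__':
    # Debug mode turns on Werkzeug's interactive debugger, which can run
    # Python code on the server and must never be exposed to untrusted
    # clients. It is therefore opt-in: set FLASK_DEBUG=1 for local work.
    app.run(debug=os.environ.get('FLASK_DEBUG') == '1')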
index.html
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Flask-Dropzone Demo: CSRF</title>
    {# Dropzone stylesheet plus an inline style for the drop area #}
    {{ dropzone.load_css() }}
    {{ dropzone.style('border: 2px dashed #0087F7; margin: 10%; min-height: 400px;') }}
</head>
<body>
    {# 'upload' presumably names the view that receives the POST; confirm against the Flask-Dropzone version in use #}
    {{ dropzone.create('upload') }}
    {{ dropzone.load_js() }}
    {# NOTE(review): with DROPZONE_ENABLE_CSRF set, config() is presumably where the CSRF token is attached to upload requests; verify in the rendered page #}
    {{ dropzone.config() }}
</body>
</html>