I\'m trying to get file uploads with flask-uploads
working and running in to some snags. I\'ll show you my flask
view function, the html and hopefully
You have csrf_enabled=True
but your form doesn't have any CSRF protection since you aren't inheriting from SecureForm
. If you want to enable CSRF, read the documentation and update your form definition.
If this was unintended, you can remove csrf_enabled=True
and your logic will work as expected.
To enable CSRF protection, there are a few steps:
SecureForm
generate_csrf_token
and validate_csrf_token
methods in your form. These methods will generate a unique key and raise errors when it doesn't validate.{{ form.csrf_token }}
to your template.