You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by GitBox <gi...@apache.org> on 2020/05/21 08:46:02 UTC

[GitHub] [airflow] ashb commented on a change in pull request #8944: Update example webserver_config.py to show correct CSRF config

ashb commented on a change in pull request #8944:
URL: https://github.com/apache/airflow/pull/8944#discussion_r428525338



##########
File path: airflow/config_templates/default_webserver_config.py
##########
@@ -34,7 +34,7 @@
 SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN')
 
 # Flask-WTF flag for CSRF
-CSRF_ENABLED = True
+WTF_CSRF_ENABLED = True

Review comment:
       https://github.com/lepture/flask-wtf/blob/v0.14.2/flask_wtf/csrf.py#L176-L189 is what reads this. I have confirmed that setting `CSRF_ENABLE=False` does nothing, but setting `WTF_CSRF_ENABLED = False` does correctly disable the requirement for CSRF.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org