You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@airflow.apache.org by ka...@apache.org on 2020/06/22 20:29:38 UTC

[airflow] 01/02: Update example webserver_config.py to show correct CSRF config (#8944)

This is an automated email from the ASF dual-hosted git repository.

kaxilnaik pushed a commit to branch v1-10-test
in repository https://gitbox.apache.org/repos/asf/airflow.git

commit c036cdf29b5551626c5354df19d905fc166a847b
Author: Ash Berlin-Taylor <as...@firemirror.com>
AuthorDate: Thu May 21 12:12:29 2020 +0100

    Update example webserver_config.py to show correct CSRF config (#8944)
    
    CSRF_ENABLED does nothing.
    
    Thankfully, due to sensible defaults in flask-wtf, CSRF is on by
    default, but we should set this correctly.
    
    Fixes #8915
    
    (cherry picked from commit 16206cd6262a1e4d51bc425d52cfa61141aaaffc)
---
 airflow/config_templates/default_webserver_config.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/airflow/config_templates/default_webserver_config.py b/airflow/config_templates/default_webserver_config.py
index 23d3985..33eef9f 100644
--- a/airflow/config_templates/default_webserver_config.py
+++ b/airflow/config_templates/default_webserver_config.py
@@ -32,7 +32,7 @@ basedir = os.path.abspath(os.path.dirname(__file__))
 SQLALCHEMY_DATABASE_URI = conf.get('core', 'SQL_ALCHEMY_CONN')
 
 # Flask-WTF flag for CSRF
-CSRF_ENABLED = True
+WTF_CSRF_ENABLED = True
 
 # ----------------------------------------------------
 # AUTHENTICATION CONFIG