Commits

Steve Losh  committed 2bb32e4

csrf: add the optional on_csrf param to csrf

  • Participants
  • Parent commits 91a2bb8

Comments (0)

Files changed (2)

 
 *.pyc
 .DS_Store
+
+.html
+.tmp

File garter/csrf.py

     _exempt_views.append(view)
     return view
 
-def csrf(app):
+def csrf(app, on_csrf=None):
     @app.before_request
     def _csrf_check_exemptions():
         try:
             if request.method == "POST":
                 csrf_token = session.pop('_csrf_token', None)
                 if not csrf_token or csrf_token != request.form.get('_csrf_token'):
+                    if on_csrf:
+                        on_csrf(*app.match_request())
                     abort(400)
     
     def generate_csrf_token():