From d98dd1518b47be0d7f29e79f9ca0a476e22227bb Mon Sep 17 00:00:00 2001
From: Steve Dogiakos
Date: Mon, 9 Mar 2026 20:26:42 -0600
Subject: [PATCH] =?UTF-8?q?Remove=20CSRF=20TODO=20=E2=80=94=20closed=20as?= =?UTF-8?q?=20won't=20fix=20in=20#11?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 app.py | 1 -
 1 file changed, 1 deletion(-)
diff --git a/app.py b/app.py
index b6b68ed..f2fce0f 100644
--- a/app.py
+++ b/app.py
@@ -73,7 +73,6 @@ with app.app_context():
 @app.route('/', methods=['GET', 'POST'])
 # TODO: No rate limiting — form can be spammed. Add Flask-Limiter (e.g. @limiter.limit("10/minute")).
-# TODO: No CSRF protection. Add Flask-WTF for CSRF tokens.
 def index():
 error = None
 if request.method == 'POST':
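Review bot: Dropping the CSRF TODO above `index()` leaves a route that still accepts POST with no in-code record that CSRF protection was considered and declined; the rationale now lives only in issue #11. Consider replacing the line rather than deleting it, for example `# NOTE: CSRF tokens intentionally omitted (won't fix, see #11); revisit if this form ever acts on session or authenticated state.` Whether the won't-fix decision is sound cannot be judged from this hunk, because the body of `index()` continues past its last line and the form handling is not visible.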