Fixes for csrf token in generate_admin_class

2024-05-25 18:29:23 +02:00 · 2024-05-25 18:29:23 +02:00 · 3aedbaa10f
commit 3aedbaa10f
parent cd616efab1
3 changed files with 5 additions and 1 deletions
--- a/paramecio2/libraries/formsutils.py
+++ b/paramecio2/libraries/formsutils.py
@ -248,6 +248,6 @@ def check_csrf(name_csrf_token='csrf_token'):
    csrf_token=session.get('csrf_token', '')
    
    if csrf_token=='' or csrf_token!=request.form.get(name_csrf_token):
-        abort(404)
+        abort(403)