Added support by default for reject csrf attacks to POST statements

2016-04-04 01:59:26 +02:00 · 2016-04-04 01:59:26 +02:00 · 4149abcb36
commit 4149abcb36
parent 79485fc599
6 changed files with 45 additions and 3 deletions
--- a/paramecio/modules/admin/index.py
+++ b/paramecio/modules/admin/index.py
@ -298,6 +298,8 @@ def logout():
    
        del s['login']
        del s['privileges']
+        
+        s.save()
    
    if request.get_cookie("remember_login", secret=key_encrypt):