From c618290a4476fd01f46b079e8b95bbc16341cbca Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marjo=20Murtom=C3=A4ki?= <mmurtoma@local>
Date: Mon, 27 Nov 2023 19:56:22 +0200
Subject: Adding csrf checking to every post handler.

---
 routes/question.py | 1 +
 1 file changed, 1 insertion(+)

(limited to 'routes/question.py')

diff --git a/routes/question.py b/routes/question.py
index ad31993..981e15d 100644
--- a/routes/question.py
+++ b/routes/question.py
@@ -14,6 +14,7 @@ def question():
 
 @app.route("/set/question",methods=["POST"])
 def new_question():
+    csrf_check("/#create")
     try:       
         question = request.form["question"]
         neg_ans = request.form["neg_ans"]
-- 
cgit v1.2.3