#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""CSRF example"""
from flask import Flask, render_template_string, request
# Application object for this single-module demo; the route below registers on it.
app: Flask = Flask(import_name=__name__)
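@app.route("/", methods=["GET", "POST"])
def index():
    """Render the transfer form and echo the submitted amount.

    This view is the CSRF demonstration: the POST is accepted as-is, with no
    anti-CSRF token and no Origin/Referer check, so a form hosted on any
    other site can submit it on a visitor's behalf. That gap is left in
    place on purpose. A real state-changing endpoint needs a per-session
    token (or equivalent) verified before acting.

    Returns:
        The rendered HTML page.
    """
    # Untrusted request data; falls back to "0" when the field is absent
    # (for example on a plain GET).
    money: str = request.form.get("money", "0")

    # The template source is a constant and the value is passed as a context
    # variable. Formatting request data into the template source would let
    # Jinja2 evaluate attacker-supplied expressions (server-side template
    # injection) and would also bypass the autoescaping Flask applies to
    # context values in string templates.
    return render_template_string(
        """
    <h1>Transferred {{ money }} without verifying anything</h1>
    <form action="/" method="post">
        <label for="money">money:</label>
        <input type="text" id="money" name="money"><br><br>
        <input type="submit" value="Transfer!">
    </form>
    """,
        money=money,
    )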
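if __name__ == "__main__":
    # Debug mode stays off: it enables the Werkzeug interactive debugger,
    # which can run arbitrary Python for anyone able to reach the server.
    # The loopback bind is explicit because this app is intentionally
    # vulnerable and should not be exposed on a network interface.
    app.run(host="127.0.0.1", debug=False)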