| AArch64 | |
| ppc64le | |
| s390x | |
| x86-64 |
- Fix whitespace and drop the subpkg wrt previous commit
- Added python-itsdangerous requirements - disabled sphinx build html docs and doc packages because of build errors.
- Update to Version 0.14.2
* Fix bug where ``FlaskForm`` assumed ``meta`` argument was not ``None`` if it
was passed. (`#278`_)
- Update to Version 0.14.1
* Fix bug where the file validators would incorrectly identify an empty file as
valid data. (`#276`_, `#277`_)
- Update to Version 0.14
* Use itsdangerous to sign CSRF tokens and check expiration instead of doing it
ourselves. (`#264`_)
* Remove the ``app`` attribute from ``CsrfProtect``, use ``current_app``.
(`#264`_)
* ``CsrfProtect`` protects the ``DELETE`` method by default. (`#264`_)
* The same CSRF token is generated for the lifetime of a request. It is exposed
as ``request.csrf_token`` for use during testing. (`#227`_, `#264`_)
* ``CsrfProtect.error_handler`` is deprecated. (`#264`_)
* Use ``Form.Meta`` instead of deprecated ``SecureForm`` for CSRF (and
everything else). (`#216`_, `#271`_)
* Provide ``WTF_CSRF_FIELD_NAME`` to configure the name of the CSRF token.
(`#271`_)
* ``validate_csrf`` raises ``wtforms.ValidationError`` with specific messages
instead of returning ``True`` or ``False``. This breaks anything that was
calling the method directly. (`#239`_, `#271`_)
* ``CsrfProtect`` is renamed to ``CSRFProtect``. A deprecation warning is issued
when using the old name. ``CsrfError`` is renamed to ``CSRFError`` without
deprecation. (`#271`_)
* ``FileField`` is deprecated because it no longer provides functionality over
the provided validators. Use ``wtforms.FileField`` directly. (`#272`_)
- Update to Version 0.13.1
* Deprecation warning for ``Form`` is shown during ``__init__`` instead of immediately when subclassing. (`#262`_)
* Don't use ``pkg_resources`` to get version, for compatibility with GAE. (`#261`_)
- Update to Version 0.13
* ``Form`` is renamed to ``FlaskForm`` in order to avoid name collision with WTForms's base class. Using ``Form`` will show a deprecation warning. (`#250`_)
* ``hidden_tag`` no longer wraps the hidden inputs in a hidden div. This is valid HTML5 and any modern HTML parser will behave correctly. (`#217`_, `#193`_)
* ``flask_wtf.html5`` is deprecated. Import directly from ``wtforms.fields.html5``. (`#251`_)
* ``is_submitted`` is true for ``PATCH`` and ``DELETE`` in addition to ``POST`` and ``PUT``. (`#187`_)
* ``generate_csrf`` takes a ``token_key`` parameter to specify the key stored in the session. (`#206`_)
* ``generate_csrf`` takes a ``url_safe`` parameter to allow the token to be used in URLs. (`#206`_)
* ``form.data`` can be accessed multiple times without raising an exception. (`#248`_)
* File extension with multiple parts (``.tar.gz``) can be used in the ``FileAllowed`` validator. (`#201`_)
- Update to Version 0.12
* Abstract protect_csrf() into a separate method
* Update reCAPTCHA configuration
* Fix reCAPTCHA error handle
- singlespec auto-conversion
- Updated to 0.11 - Use the new reCAPTCHA API via #164. - Add configuration: WTF_CSRF_HEADERS via #159. - Support customize hidden tags via #150. - And many more bug fixes
- Updated to 0.10.2 - Update translation for reCaptcha via #146. - Update RECAPTCHA API SERVER URL via #145. - Update requirement Werkzeug>=0.9.5 - Fix CsrfProtect exempt for blueprints via #143. - Add configuration: WTF_CSRF_METHODS - Support WTForms 2.0 now - Fix csrf validation without time limit (time_limit=False) - CSRF exempt supports blueprint #111.
- Updated to 0.9.5 - Add configuration: WTF_CSRF_METHODS.
- Initial Upload: Flask-WTF 0.8.4 Released 2013/12/20 - Bugfix for csrf module when form has a prefix - Compatible support for wtforms2 - Remove file API for FileField