PuppetBoard: Upgrading WTForms to latest version and restoring CSRF Protection (#250)

Upgrading the following packages to the respected versions: WTForms==2.1 Flask-WTF==0.12 Werkzeug==0.11.0 Passing newly required metadata to the QueryForm constructor in puppetboard/app.py Apache >= 2.4 with mod_wsgi experienced a major issue where it would re-generate the app's secret key on each request. The fix for this turned out to be placing a permanent statis 'secret_key' value in the wsgi.py. Adding a block in README.rst on how to implement the user's own secret_key
2016-06-23 20:32:31 -04:00
parent adac2a46bf
commit da044271ee
4 changed files with 27 additions and 7 deletions
--- a/setup.py
+++ b/setup.py
@@ -30,8 +30,8 @@ setup(
    long_description='\n'.join((README, CHANGELOG)),
    install_requires=[
        "Flask >= 0.10.1",
-        "Flask-WTF >= 0.9.4, <= 0.9.5",
-        "WTForms < 2.0",
+        "Flask-WTF >= 0.12, <= 0.13",
+        "WTForms < 3.0",
        "pypuppetdb >= 0.3.0, < 0.4.0",
        ],
    keywords="puppet puppetdb puppetboard",