Python Web Development with Sanic

By: Adam Hopkins

Overview of this book

Today’s developers need something more powerful and customizable when it comes to web app development. They require effective tools to build something unique to meet their specific needs, and not simply glue a bunch of things together built by others. This is where Sanic comes into the picture. Built to be unopinionated and scalable, Sanic is a next-generation Python framework and server tuned for high performance. This Sanic guide starts by helping you understand Sanic’s purpose, significance, and use cases. You’ll learn how to spot different issues when building web applications, and how to choose, create, and adapt the right solution to meet your requirements. As you progress, you’ll understand how to use listeners, middleware, and background tasks to customize your application. The book will also take you through real-world examples, so you will walk away with practical knowledge and not just code snippets. By the end of this web development book, you’ll have gained the knowledge you need to design, build, and deploy high-performance, scalable, and maintainable web applications with the Sanic framework.
Table of Contents (16 chapters)

Part 1: Getting Started with Sanic
Part 2: Hands-On Sanic
Part 3: Putting It All Together

Protecting applications from CSRF

The next step in our journey is handling cross-site request forgery (CSRF), which is also often abbreviated as XSRF. If you see both acronyms on the web, they refer to the same issue. So, what is the issue?

Do you remember that suspiciously awkward email you received that said "Click here to claim your $500 prize"? That link likely brings you to a malicious website controlled by someone who is trying to hack you. They may have placed some links on their site, or caused you to do something there, that sends off a background request to a legitimate website to do something bad. If your application is not protected from CSRF attacks like this, it could be possible for that bad actor to make your users change their passwords without them even knowing!

Thwarting these attacks can be done on both sides. Your users could, of course, take better care not to open the email in their spam box. But you, as a responsible web...
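As an added illustration of the server-side half (this is not code from the book), here is one common defense, a session-bound token that must arrive both as a cookie and as a request header. The names `issue_csrf_token`, `csrf_check`, `SECRET_KEY`, the `x-csrf-token` header and the `csrf_token` cookie are assumptions made for this sketch.

```python
import hashlib
import hmac
import secrets

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # must never change state
SECRET_KEY = secrets.token_bytes(32)        # assumption: per-deployment server secret


def _sign(session_id: str, nonce: str) -> str:
    """HMAC that ties a nonce to one session so tokens cannot be reused elsewhere."""
    msg = f"{session_id}:{nonce}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_csrf_token(session_id: str) -> str:
    """Create the token sent to the browser as a cookie and echoed back in a header."""
    nonce = secrets.token_urlsafe(16)
    return f"{nonce}.{_sign(session_id, nonce)}"


def csrf_check(method: str, session_id: str, headers: dict, cookies: dict) -> bool:
    """Return True when the request may proceed."""
    if method.upper() in SAFE_METHODS:
        return True
    sent = headers.get("x-csrf-token", "")
    stored = cookies.get("csrf_token", "")
    # A page on another origin cannot read the cookie, so it cannot set a matching
    # header, even though the browser still attaches the cookies automatically.
    if not sent or not hmac.compare_digest(sent.encode(), stored.encode()):
        return False
    nonce, _, mac = sent.partition(".")
    return hmac.compare_digest(mac.encode(), _sign(session_id, nonce).encode())


if __name__ == "__main__":
    # Constructed sample requests for a password-change endpoint.
    token = issue_csrf_token("session-abc")
    cookies = {"csrf_token": token}
    print("own form  :", csrf_check("POST", "session-abc", {"x-csrf-token": token}, cookies))
    print("forged    :", csrf_check("POST", "session-abc", {}, cookies))
    print("other sess:", csrf_check("POST", "session-xyz", {"x-csrf-token": token}, cookies))
```

In a Sanic application, a check like this would typically run in request middleware and return a 403 response when it fails.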