Flask-WTF enables CRSF by default, if you print the form.errors
, you will get a message that tells you a csrf token is required.
The solution is simple, put {{ form.csrf_token }}
in your template, or disable CSRF of the form, but you really shouldn't do such thing.
<form action="/upload/" method="POST" enctype="multipart/form-data">
{{ form.presentation.label }}
{{ form.presentation }}
{{ form.csrf_token }}
{{ form.submit}}
</form>
There is also a quick way to add every hidden fields to the form hidden_tags
:
<form action="/upload/" method="POST" enctype="multipart/form-data">
{{ form.presentation.label }}
{{ form.presentation }}
{{ form.hidden_tag() }}
{{ form.submit}}
</form>