Flask WTForms
Adding forms in your application seems to be an easy task, but when you start coding the server-side code, the task of validating user input grows bigger and bigger as the form becomes more complex. Security is paramount as the data is from an untrustworthy source and is going to be entered in the database. WTForms is a library that handles server form validation for you by checking input against common form types. Flask WTForms is a Flask extension on top of WTForms that add features, such as Jinja HTML rendering, and protects you against attacks, such as SQL injection and cross-site request forgery. To install Flask WTForms and WTForms, we have:
$ pip install Flask-WTF
Note
Protecting yourself against SQL injection and cross-site request forgery is extremely important, as these are the most common forms of attacks your website will receive. To learn more about these attacks, visit https://en.wikipedia.org/wiki/SQL_injection and https://en.wikipedia.org/wiki/Cross-site_request_forgery...
