You're reading from Mastering Flask Web and API Development Build and deploy production-ready Flask apps seamlessly across web, APIs, and mobile platforms

Product type Paperback

Published in Aug 2024

Publisher Packt

ISBN-13 9781837633227

Length 494 pages

Edition 1st Edition

Languages

Python

Tools

Flask

Concepts

Big Data

Author (1):

Sherwin John C. Tragura

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1:Learning the Flask 3.x Framework

2. Chapter 1: A Deep Dive into the Flask Framework FREE CHAPTER

3. Chapter 2: Adding Advanced Core Features

4. Chapter 3: Creating REST Web Services

5. Chapter 4: Utilizing Flask Extensions

6. Part 2:Building Advanced Flask 3.x Applications

7. Chapter 5: Building Asynchronous Transactions

8. Chapter 6: Developing Computational and Scientific Applications

9. Chapter 7: Using Non-Relational Data Storage

10. Chapter 8: Building Workflows with Flask

11. Chapter 9: Securing Flask Applications

12. Part 3:Testing, Deploying, and Building Enterprise-Grade Applications

13. Chapter 10: Creating Test Cases for Flask

14. Chapter 11: Deploying Flask Applications

15. Chapter 12: Integrating Flask with Other Tools and Frameworks

16. Index

Why subscribe?

17. Other Books You May Enjoy

Adding protection from web vulnerabilities

SQL injection, SSRF, and XSS attacks are the most common web vulnerabilities that corrupt many web applications. They also affect any applications that use HTTP-based transactions, such as POST, PUT, PATCH, and DELETE. SQL injection occurs when an attacker infiltrates the backend datastore that manages the content of the trusted application. Embedded malicious SQL code can tamper with the data, rendering unwanted pages or destroying the database. XSS attacks commonly insert malicious scripts into the pages of the application to steal cookies, session data, and sensitive credentials from the system. On the other hand, CSRF occurs inside an authenticated environment. It happens when a valid user performs an HTTP transaction and a malicious script lurking in the browser usurps valid credentials with bogus and invalid ones to lead transactions to untrusted systems.