DEV Community

Discussion on: Flask Login-Register-Logout Implementation

Joni Latvala

Hey, a small comment since I just fixed a CSRF issue related to /logout in a Flask web app. Please do not advise doing it with the GET method, as that means that if any service has JS or e.g. an IMG with a src that forces you to go to /logout, then any service can force your users to log out at will. The best way is to use a POST request with a CSRF token to check that the logout request is made by the service in question.
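The pattern this comment describes, as an added example that is not code from the commenter or from the original post: a /logout handler that refuses anything but POST (so a cross-site `<img src="/logout">`, which is a GET, does nothing) and then checks that the submitted `csrf_token` matches the one stored in the user's session. To keep it runnable with the standard library alone it is written as a plain WSGI callable with an in-memory session dict instead of Flask's signed cookie session; `login`, `logout_app`, `logout_form_html`, `call` and `SESSIONS` are names chosen for this example.

```python
import hmac
import io
import secrets
from http.cookies import SimpleCookie
from urllib.parse import parse_qs

# Server-side session store, constructed for this example. Flask's default
# session is a signed cookie, but the CSRF check below works the same way there.
SESSIONS = {}


def login(user):
    """Create a session for `user` and return the session id to set as a cookie."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return sid


def logout_form_html(sid):
    """The logout control a template should emit instead of <a href="/logout">:
    a POST form carrying the session's CSRF token as a hidden field."""
    token = SESSIONS[sid]["csrf_token"]
    return (
        '<form method="post" action="/logout">'
        f'<input type="hidden" name="csrf_token" value="{token}">'
        '<button type="submit">Log out</button></form>'
    )


def _session_id(environ):
    cookie = SimpleCookie(environ.get("HTTP_COOKIE", ""))
    morsel = cookie.get("session")
    return morsel.value if morsel else None


def logout_app(environ, start_response):
    """WSGI handler for /logout: POST only, and the form token must match the session."""
    if environ.get("REQUEST_METHOD") != "POST":
        # A cross-site <img src="/logout"> or a script-triggered navigation arrives
        # as a GET; refusing it here is what stops another site logging the user out.
        start_response("405 Method Not Allowed",
                       [("Allow", "POST"), ("Content-Type", "text/plain")])
        return [b"logout requires POST"]

    sid = _session_id(environ)
    session = SESSIONS.get(sid)
    if session is None:
        start_response("303 See Other", [("Location", "/login")])
        return [b""]

    length = int(environ.get("CONTENT_LENGTH") or 0)
    form = parse_qs(environ["wsgi.input"].read(length).decode("utf-8"))
    submitted = form.get("csrf_token", [""])[0]
    # Constant-time comparison against the token held in the session. A forged
    # cross-site POST cannot read that token, so it cannot pass this check.
    if not hmac.compare_digest(submitted.encode("utf-8"),
                               session["csrf_token"].encode("utf-8")):
        start_response("403 Forbidden", [("Content-Type", "text/plain")])
        return [b"invalid or missing CSRF token"]

    del SESSIONS[sid]
    start_response("303 See Other",
                   [("Location", "/login"), ("Set-Cookie", "session=; Max-Age=0")])
    return [b""]


def call(method, cookie="", body=""):
    """Drive logout_app with a constructed WSGI environ; returns (status, body_text)."""
    raw = body.encode("utf-8")
    environ = {
        "REQUEST_METHOD": method,
        "PATH_INFO": "/logout",
        "HTTP_COOKIE": cookie,
        "CONTENT_LENGTH": str(len(raw)),
        "CONTENT_TYPE": "application/x-www-form-urlencoded",
        "wsgi.input": io.BytesIO(raw),
    }
    captured = {}

    def start_response(status, headers):
        captured["status"] = status
        captured["headers"] = headers

    chunks = logout_app(environ, start_response)
    return captured["status"], b"".join(chunks).decode("utf-8")


if __name__ == "__main__":
    sid = login("alice")
    print(call("GET", f"session={sid}"))                       # the <img src> case
    print(call("POST", f"session={sid}", "csrf_token=wrong"))  # forged cross-site POST
    token = SESSIONS[sid]["csrf_token"]
    print(call("POST", f"session={sid}", f"csrf_token={token}"))  # legitimate logout
    print(sid in SESSIONS)
```

The two checks are independent: the method check alone already defeats the `<img src>` and plain-link cases, and the token check covers a cross-site form that POSTs to /logout. In a Flask app, Flask-WTF's `CSRFProtect` performs the same token comparison on every non-GET request, so the remaining step is to declare the route with `methods=["POST"]`.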