Merge pull request #26 from DataDog/devin.ford/add_xss

WEB-2843 | Add XSS example

Author: devindford

services/auth/auth.py

@@ -1,4 +1,5 @@
 from flask import Response, abort, redirect, request, jsonify
+from flask_cors import CORS, cross_origin
 from flask_login import (
     LoginManager,
     UserMixin,
@@ -20,6 +21,7 @@
 
 login_manager = LoginManager()
 login_manager.init_app(app)
+CORS(app)
 
 # csrf = CSRFProtect()
 # csrf.init_app(app)
@@ -72,6 +74,15 @@ def homepage():
         return jsonify({'User': 'Already Logged In'})
 
 
+@app.route("/email", methods=["POST"])
+@cross_origin()
+def email_capture():
+    if request.method == "POST":
+        email = request.form.get("email")
+        return jsonify({"User_Email": email})
+    return jsonify({"Error": "Invalid Method"})
+
+
 @app.route("/logout")
 @login_required
 def logout():