rspec/rules/S4825/python/rule.adoc

include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

<code>httplib</code> module
----
import http.client.HTTPConnection


def send_request(url):
    http.client.HTTPConnection(url)  # Sensitive
----

<code>request</code> library
----
import requests


def send_request(url, method):
    requests.request(method, url)  # Sensitive
    requests.get(url)  # Sensitive
    requests.put(url)  # Sensitive
    requests.post(url)  # Sensitive
    requests.patch(url)  # Sensitive
    requests.delete(url)  # Sensitive
    requests.head(url)  # Sensitive
    requests.options(url)  # Sensitive
----

Python 2 <code>urllib2</code>
----
import urllib2

url = 'http://www.example.com/'


def open_url(url):
    urllib2.urlopen(url)  # Sensitive

    req = urllib2.Request(url=url,
                          data=b'This is data')

    urllib2.urlopen(req)  # Sensitive

    opener = urllib2.build_opener(urllib2.HTTPHandler)
    opener.open(url)  # Sensitive
----

Python 3 <code>urllib</code> module
----
import urllib.request

url = 'http://www.example.com/'


def open_url(url, proxy_handler, proxy_auth_handler, proxies):
    urllib.request.urlopen(url)  # Sensitive

    req = urllib.request.Request(url=url,
                                 data=b'This is data')

    urllib.request.urlopen(req)  # Sensitive

    opener = urllib.request.build_opener(proxy_handler, proxy_auth_handler)
    opener.open(url)  # Sensitive

    opener = urllib.request.FancyURLopener(proxies)
    opener.open(url)  # Sensitive

    urllib.request.urlretrieve(url)  # Sensitive
----

include::../see.adoc[]
Add rules 4000-4999 2020-06-30 12:49:37 +02:00			`include::../description.adoc[]`

			`include::../ask-yourself.adoc[]`

			`include::../recommended.adoc[]`

			`== Sensitive Code Example`

			`<code>httplib</code> module`
			`----`
			`import http.client.HTTPConnection`


			`def send_request(url):`
			`http.client.HTTPConnection(url) # Sensitive`
			`----`

			`<code>request</code> library`
			`----`
			`import requests`


			`def send_request(url, method):`
			`requests.request(method, url) # Sensitive`
			`requests.get(url) # Sensitive`
			`requests.put(url) # Sensitive`
			`requests.post(url) # Sensitive`
			`requests.patch(url) # Sensitive`
			`requests.delete(url) # Sensitive`
			`requests.head(url) # Sensitive`
			`requests.options(url) # Sensitive`
			`----`

			`Python 2 <code>urllib2</code>`
			`----`
			`import urllib2`

			`url = 'http://www.example.com/'`


			`def open_url(url):`
			`urllib2.urlopen(url) # Sensitive`

			`req = urllib2.Request(url=url,`
			`data=b'This is data')`

			`urllib2.urlopen(req) # Sensitive`

			`opener = urllib2.build_opener(urllib2.HTTPHandler)`
			`opener.open(url) # Sensitive`
			`----`

			`Python 3 <code>urllib</code> module`
			`----`
			`import urllib.request`

			`url = 'http://www.example.com/'`


			`def open_url(url, proxy_handler, proxy_auth_handler, proxies):`
			`urllib.request.urlopen(url) # Sensitive`

			`req = urllib.request.Request(url=url,`
			`data=b'This is data')`

			`urllib.request.urlopen(req) # Sensitive`

			`opener = urllib.request.build_opener(proxy_handler, proxy_auth_handler)`
			`opener.open(url) # Sensitive`

			`opener = urllib.request.FancyURLopener(proxies)`
			`opener.open(url) # Sensitive`

			`urllib.request.urlretrieve(url) # Sensitive`
			`----`

			`include::../see.adoc[]`