rspec/rules/S5146/python/rule.adoc

include::../description.adoc[]
== Noncompliant Code Example
Flask
----
from flask import request, redirect


@app.route('move')
def move():
    """Redirect the client to the URL given in the ``next`` query parameter.

    The destination comes straight from untrusted request data and is passed
    to ``redirect`` unchanged, so the response can send the user to any host
    the link author chose (an open redirect).
    """
    target = request.args["next"]
    return redirect(target)  # Noncompliant
----
Django
----
from django.http import HttpResponseRedirect


def move(request):
    """Redirect to the ``next`` query parameter, defaulting to the site root.

    The value is read from ``request.GET`` and used as the redirect target
    without any check on its host, so an attacker-supplied link can redirect
    the user off-site.

    :param request: the incoming HttpRequest
    :return: an HttpResponseRedirect to the unvalidated target
    """
    target = request.GET.get("next", "/")
    return HttpResponseRedirect(target)  # Noncompliant
----
== Compliant Solution
Flask
----
from flask import request, redirect, url_for


@app.route('move')
def move():
    """Redirect to one of this application's own routes, selected by endpoint name.

    ``next`` is treated as an endpoint *name* rather than a URL and resolved
    with ``url_for``, so the final location is always built from the
    application's URL map and cannot name a foreign host.
    NOTE(review): a value matching no endpoint is expected to make
    ``url_for`` raise a BuildError instead of redirecting -- confirm how the
    application surfaces that to the client.
    """
    endpoint_name = request.args["next"]
    location = url_for(endpoint_name)
    return redirect(location)  # Compliant
----
Django
----
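from django.http import HttpResponseRedirect
from urllib.parse import urlparse

DOMAINS_WHITELIST = ['www.example.com', 'example.com']
# Only web schemes may be followed; anything else falls back to the site root.
ALLOWED_SCHEMES = ['http', 'https']


def move(request):
    """Redirect to ``next`` only when it is an http(s) URL on an allow-listed host.

    ``next`` is untrusted. It is parsed with ``urlparse`` and both the scheme
    and the full network location (host, plus any port or userinfo that was
    present) must match an allow-list entry exactly before the URL is used as
    a redirect target. Everything else -- including relative paths, whose
    netloc is empty -- is replaced by a redirect to ``/``.

    :param request: the incoming HttpRequest
    :return: an HttpResponseRedirect to ``next`` or to ``/``
    """
    url = request.GET.get("next", "/")
    parsed_uri = urlparse(url)
    # Exact string comparison on the whole netloc: a host with an extra port
    # or userinfo component is a different string and is rejected.
    if parsed_uri.scheme in ALLOWED_SCHEMES and parsed_uri.netloc in DOMAINS_WHITELIST:
        return HttpResponseRedirect(url)  # Compliant
    return HttpResponseRedirect("/")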
----
include::../see.adoc[]