26 lines
485 B
Plaintext
26 lines
485 B
Plaintext
|
include::../description.adoc[]
|
||
|
|
|
||
|
|
== Noncompliant Code Example
|
||
|
|
|
||
|
|
----
|
||
|
|
from flask import request
|
||
|
|
|
||
|
|
@app.route('/')
|
||
|
|
def index():
|
||
|
|
module = request.args.get("module")
|
||
|
|
exec("import urllib%s as urllib" % module) # Noncompliant
|
||
|
|
----
|
||
|
|
|
||
|
|
== Compliant Solution
|
||
|
|
|
||
|
|
----
|
||
|
|
from flask import request
|
||
|
|
|
||
|
|
@app.route('/')
|
||
|
|
def index():
|
||
|
|
module = request.args.get("module")
|
||
|
|
exec("import urllib%d as urllib" % int(module)) # Compliant; module is safely cast to an integer
|
||
|
|
----
|
||
|
|
|
||
|
|
include::../see.adoc[]
|