== How to fix it in Flask

=== Code examples

include::../../common/fix/code-rationale.adoc[]

==== Noncompliant code example

[source,python,diff-id=11,diff-type=noncompliant]
----
from flask import Flask, redirect

app = Flask("example")

@app.route("/redirecting")
def redirecting():
    url = request.args["url"]
    return redirect(url) # Noncompliant
----

==== Compliant solution

[source,python,diff-id=11,diff-type=compliant]
----
from flask import Flask, redirect, url_for

app = Flask("example")

@app.route("/redirecting")
def redirecting():
    url = request.args["url"]
    return redirect(url_for(url))
----

include::../../common/fix/how-does-this-work.adoc[]

=== Pitfalls

include::../../common/pitfalls/starts-with.adoc[]