include::../description.adoc[]

include::../ask-yourself.adoc[]

include::../recommended.adoc[]

== Sensitive Code Example

Django application startup:

[source,python,diff-id=1,diff-type=noncompliant]
----
from django.conf import settings

settings.configure(DEBUG=True)  # Sensitive when set to True
settings.configure(DEBUG_PROPAGATE_EXCEPTIONS=True)  # Sensitive when set to True

def custom_config(config):
    settings.configure(default_settings=config, DEBUG=True)  # Sensitive
----

Inside ``settings.py`` or ``global_settings.py``, which are the default configuration
files for a Django application:

[source,python,diff-id=2,diff-type=noncompliant]
----
DEBUG = True  # Sensitive
DEBUG_PROPAGATE_EXCEPTIONS = True  # Sensitive
----


Flask application startup:

[source,python,diff-id=3,diff-type=noncompliant]
----
from flask import Flask

app = Flask()
app.debug = True  # Sensitive
app.run(debug=True)  # Sensitive
----

The following code defines a GraphQL endpoint with GraphiQL enabled. While this might be a useful configuration during development, it should never be enabled for applications deployed in production:

[source,python,diff-id=4,diff-type=noncompliant]
----
from flask import Flask
from graphql_server.flask import GraphQLView

app = Flask(__name__)

app.add_url_rule(
    '/graphql',
    view_func=GraphQLView.as_view(
        'graphql',
        schema=schema,
        graphiql=True # Sensitive
    )
)
----

== Compliant Solution

[source,python,diff-id=1,diff-type=compliant]
----
from django.conf import settings

settings.configure(DEBUG=False)
settings.configure(DEBUG_PROPAGATE_EXCEPTIONS=False)

def custom_config(config):
    settings.configure(default_settings=config, DEBUG=False)
----

[source,python,diff-id=2,diff-type=compliant]
----
DEBUG = False
DEBUG_PROPAGATE_EXCEPTIONS = False
----

[source,python,diff-id=3,diff-type=compliant]
----
from flask import Flask

app = Flask()
app.debug = False
app.run(debug=False)
----

[source,python,diff-id=4,diff-type=compliant]
----
from flask import Flask
from graphql_server.flask import GraphQLView

app = Flask(__name__)

app.add_url_rule(
    '/graphql',
    view_func=GraphQLView.as_view(
        'graphql',
        schema=schema
    )
)
----

include::../see.adoc[]

ifdef::env-github,rspecator-view[]

'''
== Implementation Specification
(visible only on this page)

include::../message.adoc[]

'''
== Comments And Links
(visible only on this page)

include::../comments-and-links.adoc[]

endif::env-github,rspecator-view[]