ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S5146/python/rule.adoc
Alban Auzeill 2c306d110e Fix code block ambiguity with old header style 
Ensure blank line before list and clean the one leading space
2020-06-30 17:16:12 +02:00

56 lines
1003 B
Plaintext
Raw Blame History

include::../description.adoc[]
== Noncompliant Code Example
Flask
----
from flask import request, redirect
@app.route('move')
def move():
url = request.args["next"]
return redirect(url) # Noncompliant
----
Django
----
from django.http import HttpResponseRedirect
def move(request):
url = request.GET.get("next", "/")
return HttpResponseRedirect(url) # Noncompliant
----
== Compliant Solution
Flask
----
from flask import request, redirect, url_for
@app.route('move')
def move():
endpoint = request.args["next"]
return redirect(url_for(endpoint)) # Compliant
----
Django
----
from django.http import HttpResponseRedirect
from urllib.parse import urlparse
DOMAINS_WHITELIST = ['www.example.com', 'example.com']
def move(request):
url = request.GET.get("next", "/")
parsed_uri = urlparse(url)
if parsed_uri.netloc in DOMAINS_WHITELIST:
return HttpResponseRedirect(url) # Compliant
return HttpResponseRedirect("/")
----
include::../see.adoc[]
Reference in New Issue View Git Blame Copy Permalink