ishangsf/rspec
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rspec/rules/S4507/python/rule.adoc

87 lines
1.7 KiB
Plaintext
Raw Blame History

include::../description.adoc[]
include::../ask-yourself.adoc[]
include::../recommended.adoc[]
== Sensitive Code Example
Django application startup:
[source,python,diff-id=1,diff-type=noncompliant]
----
from django.conf import settings
settings.configure(DEBUG=True) # Sensitive when set to True
settings.configure(DEBUG_PROPAGATE_EXCEPTIONS=True) # Sensitive when set to True
def custom_config(config):
settings.configure(default_settings=config, DEBUG=True) # Sensitive
----
Inside ``settings.py`` or ``global_settings.py``, which are the default configuration
files for a Django application:
[source,python,diff-id=2,diff-type=noncompliant]
----
DEBUG = True # Sensitive
DEBUG_PROPAGATE_EXCEPTIONS = True # Sensitive
----
Flask application startup:
[source,python,diff-id=3,diff-type=noncompliant]
----
from flask import Flask
app = Flask()
app.debug = True # Sensitive
app.run(debug=True) # Sensitive
----
== Compliant Solution
[source,python,diff-id=1,diff-type=compliant]
----
from django.conf import settings
settings.configure(DEBUG=False)
settings.configure(DEBUG_PROPAGATE_EXCEPTIONS=False)
def custom_config(config):
settings.configure(default_settings=config, DEBUG=False)
----
[source,python,diff-id=2,diff-type=compliant]
----
DEBUG = False
DEBUG_PROPAGATE_EXCEPTIONS = False
----
[source,python,diff-id=3,diff-type=compliant]
----
from flask import Flask
app = Flask()
app.debug = False
app.run(debug=False)
----
include::../see.adoc[]
ifdef::env-github,rspecator-view[]
'''
== Implementation Specification
(visible only on this page)
include::../message.adoc[]
'''
== Comments And Links
(visible only on this page)
include::../comments-and-links.adoc[]
endif::env-github,rspecator-view[]
Reference in New Issue View Git Blame Copy Permalink