69 lines
1.8 KiB
Plaintext
69 lines
1.8 KiB
Plaintext
== Why is this an issue?
|
|
|
|
include::../description.adoc[]
|
|
|
|
=== Noncompliant code example
|
|
|
|
https://docs.python.org/3/library/urllib.request.html[urllib.request] library:
|
|
|
|
[source,python]
|
|
----
|
|
import urllib.request
|
|
|
|
authenticationHandler = urllib.request.HTTPBasicAuthHandler() # Noncompliant
|
|
authenticationHandler.add_password(None,
|
|
'http://www.sonarsource.com/',
|
|
'sonaruser',
|
|
'secretpass1!')
|
|
opener = urllib.request.build_opener(authenticationHandler)
|
|
urllib.request.install_opener(opener)
|
|
|
|
urllib.request.urlopen('http://www.sonarsource.com/credential.html')
|
|
----
|
|
https://httplib2.readthedocs.io/en/latest/[httplib2] library:
|
|
|
|
[source,python]
|
|
----
|
|
import httplib2
|
|
|
|
conn = httplib2.Http(".cache")
|
|
conn.add_credentials('sonaruser', 'secretpass1!')
|
|
response, content = conn.request("http://www.sonarsource.com/rest/path", "GET") # Noncompliant
|
|
----
|
|
https://requests.readthedocs.io/en/master/[requests] library:
|
|
|
|
[source,python]
|
|
----
|
|
import requests
|
|
|
|
conn = requests.get('http://www.sonarsounce.com/rest/path', auth=('sonaruser', 'secretpass1!')) # Noncompliant
|
|
----
|
|
https://docs.python.org/3/library/http.client.html[http.client] library:
|
|
|
|
[source,python]
|
|
----
|
|
from http.client import HTTPConnection
|
|
from base64 import b64encode
|
|
|
|
conn = HTTPConnection('www.sonarsource.com')
|
|
credential = b64encode(b'sonaruser:secretpass1!').decode('ascii')
|
|
conn.request('GET', '/', headers={'Authorization': 'Basic %s' % credential}) # Noncompliant
|
|
----
|
|
|
|
include::../see.adoc[]
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
'''
|
|
== Implementation Specification
|
|
(visible only on this page)
|
|
|
|
include::../message.adoc[]
|
|
|
|
'''
|
|
== Comments And Links
|
|
(visible only on this page)
|
|
|
|
include::../comments-and-links.adoc[]
|
|
endif::env-github,rspecator-view[]
|