mirror of
https://github.com/github/codeql.git
synced 2026-05-05 05:35:13 +02:00
Python: Make sure that expected values with tag mimetype is wrapped in quotes if the value contains a space.
This commit is contained in:
Mathias Vorreiter Pedersen
@@ -1,8 +0,0 @@
|
||||
| response_test.py:21:12:21:56 | ControlFlowNode for HttpResponseRedirect() | Unexpected result: mimetype=text/html; charset=utf-8 |
|
||||
| response_test.py:21:59:21:132 | Comment # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute() | Missing result:mimetype=text/html; |
|
||||
| response_test.py:25:12:25:56 | ControlFlowNode for HttpResponseNotFound() | Unexpected result: mimetype=text/html; charset=utf-8 |
|
||||
| response_test.py:25:59:25:132 | Comment # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute() | Missing result:mimetype=text/html; |
|
||||
| response_test.py:32:16:32:29 | ControlFlowNode for HttpResponse() | Unexpected result: mimetype=text/html; charset=utf-8 |
|
||||
| response_test.py:32:32:32:80 | Comment # $HttpResponse mimetype=text/html; charset=utf-8 | Missing result:mimetype=text/html; |
|
||||
| response_test.py:33:5:33:43 | ControlFlowNode for Attribute() | Unexpected result: mimetype=text/html; charset=utf-8 |
|
||||
| response_test.py:33:46:33:119 | Comment # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute() | Missing result:mimetype=text/html; |
|
||||
|
||||
@@ -18,19 +18,19 @@ def safe__manual_content_type(request):
|
||||
# XSS FP reported in https://github.com/github/codeql/issues/3466
|
||||
# Note: This should be an open-redirect sink, but not an XSS sink.
|
||||
def or__redirect(request):
|
||||
return HttpResponseRedirect(request.GET.get("next")) # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute()
|
||||
return HttpResponseRedirect(request.GET.get("next")) # $HttpResponse mimetype="text/html; charset=utf-8" responseBody=Attribute()
|
||||
|
||||
# Ensure that simple subclasses are still vuln to XSS
|
||||
def xss__not_found(request):
|
||||
return HttpResponseNotFound(request.GET.get("name")) # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute()
|
||||
return HttpResponseNotFound(request.GET.get("name")) # $HttpResponse mimetype="text/html; charset=utf-8" responseBody=Attribute()
|
||||
|
||||
# Ensure we still have an XSS sink when manually setting the content_type to HTML
|
||||
def xss__manual_response_type(request):
|
||||
return HttpResponse(request.GET.get("name"), content_type="text/html; charset=utf-8") # $HttpResponse mimetype=text/html responseBody=Attribute()
|
||||
|
||||
def xss__write(request):
|
||||
response = HttpResponse() # $HttpResponse mimetype=text/html; charset=utf-8
|
||||
response.write(request.GET.get("name")) # $HttpResponse mimetype=text/html; charset=utf-8 responseBody=Attribute()
|
||||
response = HttpResponse() # $HttpResponse mimetype="text/html; charset=utf-8"
|
||||
response.write(request.GET.get("name")) # $HttpResponse mimetype="text/html; charset=utf-8" responseBody=Attribute()
|
||||
|
||||
# This is safe but probably a bug if the argument to `write` is not a result of `json.dumps` or similar.
|
||||
def safe__write_json(request):
|
||||
|
||||
Reference in New Issue
Block a user