mirror of
https://github.com/github/codeql.git
synced 2026-04-27 17:55:19 +02:00
fix conflict
This commit is contained in:
am0o0
@@ -78,6 +78,7 @@ isSource
|
||||
| test.py:39:11:39:20 | ControlFlowNode for Await | test-source |
|
||||
| test.py:41:8:41:27 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:46:7:46:16 | ControlFlowNode for SubClass() | test-source |
|
||||
| test.py:51:8:51:18 | ControlFlowNode for Sub2Class() | test-source |
|
||||
| test.py:53:7:53:16 | ControlFlowNode for Attribute() | test-source |
|
||||
| test.py:60:13:60:16 | ControlFlowNode for self | test-source |
|
||||
| test.py:60:24:60:28 | ControlFlowNode for named | test-source |
|
||||
|
||||
@@ -48,7 +48,7 @@ sub = SubClass()
|
||||
class Sub2Class (CommonTokens.Class):
|
||||
pass
|
||||
|
||||
sub2 = Sub2Class() # TODO: Currently not recognized as an instance of CommonTokens.Class
|
||||
sub2 = Sub2Class()
|
||||
|
||||
val = inst.foo()
|
||||
|
||||
|
||||
@@ -1,6 +1,7 @@
|
||||
import json
|
||||
|
||||
from flask import Flask, make_response, jsonify, Response, request, redirect
|
||||
from werkzeug.datastructures import Headers
|
||||
|
||||
app = Flask(__name__)
|
||||
|
||||
@@ -117,7 +118,7 @@ def response_modification1(): # $requestHandler
|
||||
@app.route("/content-type/response-modification2") # $routeSetup="/content-type/response-modification2"
|
||||
def response_modification2(): # $requestHandler
|
||||
resp = make_response("<h1>hello</h1>") # $HttpResponse mimetype=text/html responseBody="<h1>hello</h1>"
|
||||
resp.headers["content-type"] = "text/plain" # $ MISSING: HttpResponse mimetype=text/plain
|
||||
resp.headers["content-type"] = "text/plain" # $ headerWriteNameUnsanitized="content-type" headerWriteValueSanitized="text/plain" MISSING: HttpResponse mimetype=text/plain
|
||||
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
|
||||
|
||||
|
||||
@@ -147,7 +148,7 @@ def Response3(): # $requestHandler
|
||||
@app.route("/content-type/Response4") # $routeSetup="/content-type/Response4"
|
||||
def Response4(): # $requestHandler
|
||||
# note: capitalization of Content-Type does not matter
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/plain"}) # $HttpResponse responseBody="<h1>hello</h1>" SPURIOUS: mimetype=text/html MISSING: mimetype=text/plain
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/plain"}) # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse responseBody="<h1>hello</h1>" SPURIOUS: mimetype=text/html MISSING: mimetype=text/plain
|
||||
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
|
||||
|
||||
|
||||
@@ -155,7 +156,7 @@ def Response4(): # $requestHandler
|
||||
def Response5(): # $requestHandler
|
||||
# content_type argument takes priority (and result is text/plain)
|
||||
# note: capitalization of Content-Type does not matter
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, content_type="text/plain; charset=utf-8") # $HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, content_type="text/plain; charset=utf-8") # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
|
||||
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
|
||||
|
||||
|
||||
@@ -163,7 +164,7 @@ def Response5(): # $requestHandler
|
||||
def Response6(): # $requestHandler
|
||||
# mimetype argument takes priority over header (and result is text/plain)
|
||||
# note: capitalization of Content-Type does not matter
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, mimetype="text/plain") # $HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
|
||||
resp = Response("<h1>hello</h1>", headers={"Content-TYPE": "text/html"}, mimetype="text/plain") # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized HttpResponse mimetype=text/plain responseBody="<h1>hello</h1>"
|
||||
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
|
||||
|
||||
|
||||
@@ -207,12 +208,45 @@ def setting_cookie(): # $requestHandler
|
||||
resp = make_response() # $ HttpResponse mimetype=text/html
|
||||
resp.set_cookie("key", "value") # $ CookieWrite CookieName="key" CookieValue="value"
|
||||
resp.set_cookie(key="key", value="value") # $ CookieWrite CookieName="key" CookieValue="value"
|
||||
resp.headers.add("Set-Cookie", "key2=value2") # $ MISSING: CookieWrite CookieRawHeader="key2=value2"
|
||||
resp.headers.add("Set-Cookie", "key2=value2") # $ headerWriteNameUnsanitized="Set-Cookie" headerWriteValueSanitized="key2=value2" MISSING: CookieWrite CookieRawHeader="key2=value2"
|
||||
resp.delete_cookie("key3") # $ CookieWrite CookieName="key3"
|
||||
resp.delete_cookie(key="key3") # $ CookieWrite CookieName="key3"
|
||||
return resp # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp
|
||||
|
||||
################################################################################
|
||||
# Headers
|
||||
################################################################################
|
||||
|
||||
@app.route("/headers") # $routeSetup="/headers"
|
||||
def headers(): # $requestHandler
|
||||
resp1 = Response() # $ HttpResponse mimetype=text/html
|
||||
resp1.headers["X-MyHeader"] = "a" # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueSanitized="a"
|
||||
resp2 = make_response() # $ HttpResponse mimetype=text/html
|
||||
resp2.headers["X-MyHeader"] = "aa" # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueSanitized="aa"
|
||||
resp2.headers.extend({"X-MyHeader2": "b"}) # $ headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
resp3 = make_response("hello", 200, {"X-MyHeader3": "c"}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
resp4 = make_response("hello", {"X-MyHeader4": "d"}) # $ HttpResponse mimetype=text/html responseBody="hello" headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
resp5 = Response(headers={"X-MyHeader5":"e"}) # $ HttpResponse mimetype=text/html headerWriteBulk=Dict headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
return resp5 # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=resp5
|
||||
|
||||
@app.route("/werkzeug-headers") # $routeSetup="/werkzeug-headers"
|
||||
def werkzeug_headers(): # $requestHandler
|
||||
response = Response() # $ HttpResponse mimetype=text/html
|
||||
headers = Headers()
|
||||
headers.add("X-MyHeader1", "a") # $ headerWriteNameUnsanitized="X-MyHeader1" headerWriteValueSanitized="a"
|
||||
headers.add_header("X-MyHeader2", "b") # $ headerWriteNameUnsanitized="X-MyHeader2" headerWriteValueSanitized="b"
|
||||
headers.set("X-MyHeader3", "c") # $ headerWriteNameUnsanitized="X-MyHeader3" headerWriteValueSanitized="c"
|
||||
headers.setdefault("X-MyHeader4", "d") # $ headerWriteNameUnsanitized="X-MyHeader4" headerWriteValueSanitized="d"
|
||||
headers.__setitem__("X-MyHeader5", "e") # $ headerWriteNameUnsanitized="X-MyHeader5" headerWriteValueSanitized="e"
|
||||
headers["X-MyHeader6"] = "f" # $ headerWriteNameUnsanitized="X-MyHeader6" headerWriteValueSanitized="f"
|
||||
h1 = {"X-MyHeader7": "g"}
|
||||
headers.extend(h1) # $ headerWriteBulk=h1 headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
h2 = [("X-MyHeader8", "h")]
|
||||
headers.extend(h2) # $ headerWriteBulk=h2 headerWriteNameUnsanitized headerWriteValueSanitized
|
||||
response.headers = headers
|
||||
return response # $ SPURIOUS: HttpResponse mimetype=text/html responseBody=response
|
||||
|
||||
################################################################################
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
|
||||
@@ -0,0 +1,5 @@
|
||||
import flask
|
||||
|
||||
class MySessionInterface(flask.sessions.SessionInterface):
|
||||
def open_session(self, app, request):
|
||||
ensure_tainted(request) # $tainted
|
||||
@@ -0,0 +1,2 @@
|
||||
testFailures
|
||||
failures
|
||||
@@ -0,0 +1,33 @@
|
||||
import gradio as gr
|
||||
|
||||
|
||||
with gr.Blocks() as demo:
|
||||
name = gr.Textbox(label="Name")
|
||||
output = gr.Textbox(label="Output Box")
|
||||
# static block - not used as a source
|
||||
static_block = gr.HTML("""
|
||||
<div style='height: 100px; width: 800px; background-color: pink;'></div>
|
||||
""")
|
||||
greet_btn = gr.Button("Hello")
|
||||
|
||||
# decorator
|
||||
@greet_btn.click(inputs=name, outputs=output)
|
||||
def greet(name): # $ source=name
|
||||
return "Hello " + name + "!"
|
||||
|
||||
# `click` event handler with keyword arguments
|
||||
def greet1(name): # $ source=name
|
||||
return "Hello " + name + "!"
|
||||
|
||||
greet1_btn = gr.Button("Hello")
|
||||
greet1_btn.click(fn=greet1, inputs=name, outputs=output, api_name="greet")
|
||||
|
||||
# `click` event handler with positional arguments
|
||||
def greet2(name): # $ source=name
|
||||
return "Hello " + name + "!"
|
||||
|
||||
greet2_btn = gr.Button("Hello")
|
||||
greet2_btn.click(fn=greet2, inputs=name, outputs=output, api_name="greet")
|
||||
|
||||
|
||||
demo.launch()
|
||||
@@ -0,0 +1,20 @@
|
||||
import python
|
||||
import semmle.python.dataflow.new.RemoteFlowSources
|
||||
import TestUtilities.InlineExpectationsTest
|
||||
private import semmle.python.dataflow.new.internal.PrintNode
|
||||
|
||||
module SourceTest implements TestSig {
|
||||
string getARelevantTag() { result = "source" }
|
||||
|
||||
predicate hasActualResult(Location location, string element, string tag, string value) {
|
||||
exists(location.getFile().getRelativePath()) and
|
||||
exists(RemoteFlowSource rfs |
|
||||
location = rfs.getLocation() and
|
||||
element = rfs.toString() and
|
||||
value = prettyNode(rfs) and
|
||||
tag = "source"
|
||||
)
|
||||
}
|
||||
}
|
||||
|
||||
import MakeTest<SourceTest>
|
||||
@@ -0,0 +1,26 @@
|
||||
edges
|
||||
| taint_step_test.py:5:5:5:8 | ControlFlowNode for path | taint_step_test.py:19:43:19:46 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | taint_step_test.py:5:5:5:8 | ControlFlowNode for path | provenance | |
|
||||
| taint_step_test.py:6:5:6:8 | ControlFlowNode for file | taint_step_test.py:19:48:19:51 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | taint_step_test.py:6:5:6:8 | ControlFlowNode for file | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | provenance | |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | taint_step_test.py:11:18:11:21 | ControlFlowNode for path | provenance | AdditionalTaintStep |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | taint_step_test.py:11:24:11:27 | ControlFlowNode for file | provenance | AdditionalTaintStep |
|
||||
nodes
|
||||
| taint_step_test.py:5:5:5:8 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| taint_step_test.py:6:5:6:8 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | semmle.label | ControlFlowNode for Attribute() |
|
||||
| taint_step_test.py:11:18:11:21 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:11:24:11:27 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
| taint_step_test.py:12:9:12:16 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | semmle.label | ControlFlowNode for filepath |
|
||||
| taint_step_test.py:19:43:19:46 | ControlFlowNode for path | semmle.label | ControlFlowNode for path |
|
||||
| taint_step_test.py:19:48:19:51 | ControlFlowNode for file | semmle.label | ControlFlowNode for file |
|
||||
subpaths
|
||||
#select
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | This path depends on a $@. | taint_step_test.py:5:12:5:35 | ControlFlowNode for Attribute() | user-provided value |
|
||||
| taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | taint_step_test.py:13:19:13:26 | ControlFlowNode for filepath | This path depends on a $@. | taint_step_test.py:6:12:6:35 | ControlFlowNode for Attribute() | user-provided value |
|
||||
@@ -0,0 +1,22 @@
|
||||
import gradio as gr
|
||||
import os
|
||||
|
||||
with gr.Blocks() as demo:
|
||||
path = gr.Textbox(label="Path") # $ source=gr.Textbox(..)
|
||||
file = gr.Textbox(label="File") # $ source=gr.Textbox(..)
|
||||
output = gr.Textbox(label="Output Box")
|
||||
|
||||
|
||||
# path injection sink
|
||||
def fileread(path, file):
|
||||
filepath = os.path.join(path, file)
|
||||
with open(filepath, "r") as f:
|
||||
return f.read()
|
||||
|
||||
|
||||
# `click` event handler with `inputs` containing a list
|
||||
greet1_btn = gr.Button("Path for the file to display")
|
||||
greet1_btn.click(fn=fileread, inputs=[path,file], outputs=output, api_name="fileread")
|
||||
|
||||
|
||||
demo.launch()
|
||||
@@ -0,0 +1 @@
|
||||
Security/CWE-022/PathInjection.ql
|
||||
@@ -0,0 +1,2 @@
|
||||
testFailures
|
||||
failures
|
||||
@@ -0,0 +1,2 @@
|
||||
import python
|
||||
import experimental.meta.ConceptsTest
|
||||
@@ -0,0 +1,4 @@
|
||||
argumentToEnsureNotTaintedNotMarkedAsSpurious
|
||||
untaintedArgumentToEnsureTaintedNotMarkedAsMissing
|
||||
testFailures
|
||||
failures
|
||||
@@ -0,0 +1,2 @@
|
||||
import experimental.meta.InlineTaintTest
|
||||
import MakeInlineTaintTest<TestTaintTrackingConfig>
|
||||
153
python/ql/test/library-tests/frameworks/pyramid/pyramid_test.py
Normal file
153
python/ql/test/library-tests/frameworks/pyramid/pyramid_test.py
Normal file
@@ -0,0 +1,153 @@
|
||||
from pyramid.view import view_config
|
||||
from pyramid.config import Configurator
|
||||
from pyramid.response import Response
|
||||
from pyramid.httpexceptions import HTTPMultipleChoices, HTTPMovedPermanently, HTTPFound, HTTPSeeOther, HTTPUseProxy, HTTPTemporaryRedirect, HTTPPermanentRedirect
|
||||
from wsgiref.simple_server import make_server
|
||||
|
||||
def ignore(*args, **kwargs): pass
|
||||
ensure_tainted = ensure_not_tainted = ignore
|
||||
|
||||
@view_config(route_name="test1") # $ routeSetup
|
||||
def test1(request): # $ requestHandler
|
||||
ensure_tainted(
|
||||
request, # $ tainted
|
||||
|
||||
request.accept, # $ tainted
|
||||
request.accept_charset, # $ tainted
|
||||
request.accept_encoding, # $ tainted
|
||||
request.accept_language, # $ tainted
|
||||
request.authorization, # $ tainted
|
||||
request.cache_control, # $ tainted
|
||||
request.client_addr, # $ tainted
|
||||
request.content_type, # $ tainted
|
||||
request.domain, # $ tainted
|
||||
request.host, # $ tainted
|
||||
request.host_port, # $ tainted
|
||||
request.host_url, # $ tainted
|
||||
request.if_match, # $ tainted
|
||||
request.if_none_match, # $ tainted
|
||||
request.if_range, # $ tainted
|
||||
request.pragma, # $ tainted
|
||||
request.range, # $ tainted
|
||||
request.referer, # $ tainted
|
||||
request.referrer, # $ tainted
|
||||
request.user_agent, # $ tainted
|
||||
|
||||
request.as_bytes, # $ tainted
|
||||
|
||||
request.body, # $ tainted
|
||||
request.body_file.read(), # $ tainted
|
||||
request.body_file_raw.read(), # $ tainted
|
||||
request.body_file_seekable.read(),# $ tainted
|
||||
|
||||
request.json, # $ tainted
|
||||
request.json_body, # $ tainted
|
||||
request.json['a']['b'][0]['c'], # $ tainted
|
||||
|
||||
request.text, # $ tainted
|
||||
|
||||
request.matchdict, # $ tainted
|
||||
|
||||
request.path, # $ tainted
|
||||
request.path_info, # $ tainted
|
||||
request.path_info_peek(), # $ tainted
|
||||
request.path_info_pop(), # $ tainted
|
||||
request.path_qs, # $ tainted
|
||||
request.path_url, # $ tainted
|
||||
request.query_string, # $ tainted
|
||||
|
||||
request.url, # $ tainted
|
||||
request.urlargs, # $ tainted
|
||||
request.urlvars, # $ tainted
|
||||
|
||||
request.GET['a'], # $ tainted
|
||||
request.POST['b'], # $ tainted
|
||||
request.cookies['c'], # $ tainted
|
||||
request.params['d'], # $ tainted
|
||||
request.headers['X-My-Header'], # $ tainted
|
||||
request.GET.values(), # $ tainted
|
||||
|
||||
request.copy(), # $ tainted
|
||||
request.copy_get(), # $ tainted
|
||||
request.copy().GET['a'], # $ tainted
|
||||
request.copy_get().body # $ tainted
|
||||
)
|
||||
|
||||
return Response("Ok") # $ HttpResponse responseBody="Ok" mimetype=text/html
|
||||
|
||||
def test2(request): # $ requestHandler
|
||||
ensure_tainted(request) # $ tainted
|
||||
|
||||
resp = Response("Ok", content_type="text/plain") # $ HttpResponse responseBody="Ok" mimetype=text/plain
|
||||
resp.body = "Ok2" # $ HttpResponse responseBody="Ok2" SPURIOUS: mimetype=text/html
|
||||
return resp
|
||||
|
||||
@view_config(route_name="test3", renderer="string") # $ routeSetup
|
||||
def test3(ctx, req): # $ requestHandler
|
||||
ensure_tainted(req) # $ tainted
|
||||
resp = req.response # $ HttpResponse mimetype=text/html
|
||||
resp.set_cookie("hi", "there") # $ CookieWrite CookieName="hi" CookieValue="there"
|
||||
resp.set_cookie(value="there", name="hi") # $ CookieWrite CookieName="hi" CookieValue="there"
|
||||
return "Ok" # $ HttpResponse responseBody="Ok" mimetype=text/html
|
||||
|
||||
@view_config(route_name="test4", renderer="string") # $ routeSetup
|
||||
def test4(request): # $ requestHandler
|
||||
a = HTTPMultipleChoices("redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
b = HTTPMovedPermanently(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
c = HTTPFound(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
d = HTTPSeeOther(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
e = HTTPUseProxy(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
f = HTTPTemporaryRedirect(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
g = HTTPPermanentRedirect(location="redirect") # $HttpResponse mimetype=text/html HttpRedirectResponse redirectLocation="redirect"
|
||||
raise a
|
||||
|
||||
# Unsupported cases
|
||||
class Test5:
|
||||
def __init__(self, request): # $ MISSING: requestHandler
|
||||
ensure_tainted(request) # $ MISSING: tainted
|
||||
self.req = request
|
||||
|
||||
@view_config(route_name="test5", renderer="string") # $ routeSetup
|
||||
def test5(self): # $ requestHandler
|
||||
ensure_not_tainted(self) # $ SPURIOUS: tainted
|
||||
ensure_tainted(self.req) # $ MISSING: tainted
|
||||
return "Ok" # $ HttpResponse mimetype=text/html responseBody="Ok"
|
||||
|
||||
@view_config(route_name="test6", attr="test6method", renderer="string") # $ routeSetup
|
||||
class Test6:
|
||||
def __init__(self, request): # $ MISSING: requestHandler
|
||||
ensure_tainted(request) # $ MISSING: tainted
|
||||
self.req = request
|
||||
|
||||
def test6method(self): # $ MISSING: requestHandler
|
||||
ensure_not_tainted(self)
|
||||
ensure_tainted(self.req) # $ MISSING: tainted
|
||||
return "Ok" # $ MISSING: HttpResponse mimetype=text/html responseBody="Ok"
|
||||
|
||||
@view_config(route_name="test6", renderer="string") # $ routeSetup
|
||||
class Test6:
|
||||
def __init__(self, context, request): # $ MISSING: requestHandler
|
||||
ensure_tainted(request) # $ MISSING: tainted
|
||||
self.req = request
|
||||
|
||||
def __call__(self): # $ MISSING: requestHandler
|
||||
ensure_not_tainted(self)
|
||||
ensure_tainted(self.req) # $ MISSING: tainted
|
||||
return "Ok" # $ MISSING: HttpResponse mimetype=text/html responseBody="Ok"
|
||||
|
||||
class Test7:
|
||||
def __call__(self,context,request): # $ MISSING: requestHandler
|
||||
ensure_tainted(request) # $ MISSING: tainted
|
||||
return "Ok" # $ MISSING: HttpResponse mimetype=text/html responseBody="Ok"
|
||||
|
||||
|
||||
if __name__ == "__main__":
|
||||
with Configurator() as config:
|
||||
for i in range(1,8):
|
||||
config.add_route(f"test{i}", f"/test{i}")
|
||||
config.add_view(test2, route_name="test2") # $ routeSetup
|
||||
config.add_view(Test7(), route_name="test7", renderer="string") # $ routeSetup
|
||||
config.scan()
|
||||
server = make_server('127.0.0.1', 8080, config.make_wsgi_app())
|
||||
print("serving")
|
||||
server.serve_forever()
|
||||
@@ -2,6 +2,7 @@
|
||||
# see https://docs.python.org/3/library/wsgiref.html#wsgiref.simple_server.WSGIServer
|
||||
import sys
|
||||
import wsgiref.simple_server
|
||||
import wsgiref.headers
|
||||
|
||||
def ignore(*arg, **kwargs): pass
|
||||
ensure_tainted = ensure_not_tainted = ignore
|
||||
@@ -17,7 +18,7 @@ def func(environ, start_response): # $ requestHandler
|
||||
environ, # $ tainted
|
||||
environ["PATH_INFO"], # $ tainted
|
||||
)
|
||||
write = start_response("200 OK", [("Content-Type", "text/plain")])
|
||||
write = start_response("200 OK", [("Content-Type", "text/plain")]) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
|
||||
write(b"hello") # $ HttpResponse responseBody=b"hello"
|
||||
write(data=b" ") # $ HttpResponse responseBody=b" "
|
||||
|
||||
@@ -32,9 +33,17 @@ class MyServer(wsgiref.simple_server.WSGIServer):
|
||||
self.set_app(self.my_method)
|
||||
|
||||
def my_method(self, _env, start_response): # $ requestHandler
|
||||
start_response("200 OK", [])
|
||||
start_response("200 OK", []) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
|
||||
return [b"my_method"] # $ HttpResponse responseBody=List
|
||||
|
||||
def func2(environ, start_response): # $ requestHandler
|
||||
headers = wsgiref.headers.Headers([("Content-Type", "text/plain")]) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
|
||||
headers.add_header("X-MyHeader", "a") # $ headerWriteNameUnsanitized="X-MyHeader" headerWriteValueUnsanitized="a"
|
||||
headers.setdefault("X-MyHeader2", "b") # $ headerWriteNameUnsanitized="X-MyHeader2" headerWriteValueUnsanitized="b"
|
||||
headers.__setitem__("X-MyHeader3", "c") # $ headerWriteNameUnsanitized="X-MyHeader3" headerWriteValueUnsanitized="c"
|
||||
headers["X-MyHeader4"] = "d" # $ headerWriteNameUnsanitized="X-MyHeader4" headerWriteValueUnsanitized="d"
|
||||
start_response(status, headers) # $ headerWriteBulk=headers headerWriteNameUnsanitized headerWriteValueUnsanitized
|
||||
return [b"Hello"] # $ HttpResponse responseBody=List
|
||||
|
||||
case = sys.argv[1]
|
||||
if case == "1":
|
||||
@@ -45,9 +54,11 @@ elif case == "2":
|
||||
elif case == "3":
|
||||
server = MyServer()
|
||||
def func3(_env, start_response): # $ requestHandler
|
||||
start_response("200 OK", [])
|
||||
start_response("200 OK", []) # $ headerWriteBulk=List headerWriteNameUnsanitized headerWriteValueUnsanitized
|
||||
return [b"foo"] # $ HttpResponse responseBody=List
|
||||
server.set_app(func3)
|
||||
elif case == "4":
|
||||
server = wsgiref.simple_server.make_server(ADDRESS[0], ADDRESS[1], func2)
|
||||
else:
|
||||
sys.exit("wrong case")
|
||||
|
||||
|
||||
Reference in New Issue
Block a user