hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 09:43:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
codeql-cli-2.20.7
codeql/python/ql/test/library-tests/frameworks/tornado/basic.py
Rasmus Wriedt Larsen d9079e34e3 Python: Move framework tests out of experimental 
Since they are not experimental anymore 😄
2021-03-19 15:51:54 +01:00

70 lines
2.0 KiB
Python
Raw Permalink Blame History

import tornado.web
class BasicHandler(tornado.web.RequestHandler):
def get(self): # $ requestHandler
self.write("BasicHandler " + self.get_argument("xss")) # $ HttpResponse
def post(self): # $ requestHandler
self.write("BasicHandler (POST)") # $ HttpResponse
class DeepInheritance(BasicHandler):
def get(self): # $ requestHandler
self.write("DeepInheritance" + self.get_argument("also_xss")) # $ HttpResponse
class FormHandler(tornado.web.RequestHandler):
def post(self): # $ requestHandler
name = self.get_body_argument("name")
self.write(name) # $ HttpResponse
class RedirectHandler(tornado.web.RequestHandler):
def get(self): # $ requestHandler
req = self.request
h = req.headers
url = h["url"]
self.redirect(url) # $ HttpRedirectResponse HttpResponse redirectLocation=url
class BaseReverseInheritance(tornado.web.RequestHandler):
def get(self): # $ requestHandler
self.write("hello from BaseReverseInheritance") # $ HttpResponse
class ReverseInheritance(BaseReverseInheritance):
pass
def make_app():
return tornado.web.Application(
[
(r"/basic", BasicHandler), # $ routeSetup="/basic"
(r"/deep", DeepInheritance), # $ routeSetup="/deep"
(r"/form", FormHandler), # $ routeSetup="/form"
(r"/redirect", RedirectHandler), # $ routeSetup="/redirect"
(r"/reverse-inheritance", ReverseInheritance), # $ routeSetup="/reverse-inheritance"
],
debug=True,
)
if __name__ == "__main__":
import tornado.ioloop
app = make_app()
app.listen(8888)
tornado.ioloop.IOLoop.current().start()
# http://localhost:8888/basic?xss=foo
# http://localhost:8888/deep?also_xss=foo
# curl -X POST http://localhost:8888/basic
# curl -X POST http://localhost:8888/deep
# curl -X POST -F "name=foo" http://localhost:8888/form
# curl -v -H 'url: http://example.com' http://localhost:8888/redirect
# http://localhost:8888/reverse-inheritance
Reference in New Issue View Git Blame Copy Permalink