mirror of
https://github.com/github/codeql.git
synced 2025-12-17 01:03:14 +01:00
5a0babe88b
I changed the django mock to support both 1.x and 2.x routing APIs, which is not really a nice long term solution.
20 lines
495 B
Python
20 lines
495 B
Python
"""tests for Django 2.x and 3.x"""
|
|
from django.urls import path
|
|
from django.shortcuts import redirect, render
|
|
|
|
|
|
def with_template(request, path='default'):
|
|
env = {'path': path}
|
|
# We would need to understand django templates to know if this is safe or not
|
|
return render(request, 'possibly-vulnerable-template.html', env)
|
|
|
|
|
|
def vuln_redirect(request, path):
|
|
return redirect(path)
|
|
|
|
|
|
urlpatterns = [
|
|
path('/<path>', with_template),
|
|
path('/redirect/<path>', vuln_redirect),
|
|
]
|