[`flake8-bandit`] Avoid `S310` violations for HTTP-safe f-strings (#12305)

this resolves https://github.com/astral-sh/ruff/issues/12245
Tim Chan 2024-07-13 13:57:05 -07:00 committed by GitHub
parent 65848869d5
commit 1a3ee45b23
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 223 additions and 112 deletions


@ -1,25 +1,37 @@
import urllib.request
urllib.request.urlopen(url='http://www.google.com')
urllib.request.urlopen(url=f'http://www.google.com')
urllib.request.urlopen(url='http://www.google.com', **kwargs)
urllib.request.urlopen(url=f'http://www.google.com', **kwargs)
urllib.request.urlopen('http://www.google.com')
urllib.request.urlopen(f'http://www.google.com')
urllib.request.urlopen('file:///foo/bar/baz')
urllib.request.urlopen(url)
urllib.request.Request(url='http://www.google.com', **kwargs)
urllib.request.Request(url='http://www.google.com')
urllib.request.Request(url=f'http://www.google.com')
urllib.request.Request(url='http://www.google.com', **kwargs)
urllib.request.Request(url=f'http://www.google.com', **kwargs)
urllib.request.Request('http://www.google.com')
urllib.request.Request(f'http://www.google.com')
urllib.request.Request('file:///foo/bar/baz')
urllib.request.Request(url)
urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
urllib.request.URLopener().open(fullurl='http://www.google.com')
urllib.request.URLopener().open(fullurl=f'http://www.google.com')
urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
urllib.request.URLopener().open('http://www.google.com')
urllib.request.URLopener().open(f'http://www.google.com')
urllib.request.URLopener().open('file:///foo/bar/baz')
urllib.request.URLopener().open(url)
urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'))
urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'))
urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'), **kwargs)
urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
urllib.request.urlopen(urllib.request.Request(url))
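Review bot: Every f-string added to this fixture is placeholder-free (`f'http://www.google.com'`), so the snapshot never exercises an f-string that actually interpolates a value. I would add constructed cases such as `urllib.request.urlopen(f'http://{host}/path')` (expected clean) and `urllib.request.urlopen(f'{scheme}://example.com')` (expected S310), so that both the allowed path and the still-flagged path are pinned. One implicitly concatenated case, a plain literal followed by an f-string, would also show how the rule treats a URL whose first part is not the f-string.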


@ -850,16 +850,28 @@ pub(crate) fn suspicious_function_call(checker: &mut Checker, call: &ExprCall) {
// MarkSafe
["django", "utils", "safestring" | "html", "mark_safe"] => Some(SuspiciousMarkSafeUsage.into()),
// URLOpen (`Request`)
["urllib", "request","Request"] |
["urllib", "request", "Request"] |
["six", "moves", "urllib", "request","Request"] => {
// If the `url` argument is a string literal, allow `http` and `https` schemes.
// If the `url` argument is a string literal or an f string, allow `http` and `https` schemes.
if call.arguments.args.iter().all(|arg| !arg.is_starred_expr()) && call.arguments.keywords.iter().all(|keyword| keyword.arg.is_some()) {
if let Some(Expr::StringLiteral(ast::ExprStringLiteral { value, .. })) = &call.arguments.find_argument("url", 0) {
match call.arguments.find_argument("url", 0) {
// If the `url` argument is a string literal, allow `http` and `https` schemes.
Some(Expr::StringLiteral(ast::ExprStringLiteral { value, .. })) => {
let url = value.to_str().trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
},
// If the `url` argument is an f-string literal, allow `http` and `https` schemes.
Some(Expr::FString(ast::ExprFString { value, .. })) => {
if let Some(ast::FStringElement::Literal(ast::FStringLiteralElement { value, .. })) = value.elements().next() {
let url = value.trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
}
},
_ => {}
}
}
Some(SuspiciousURLOpenUsage.into())
@ -868,27 +880,52 @@ pub(crate) fn suspicious_function_call(checker: &mut Checker, call: &ExprCall) {
["urllib", "request", "urlopen" | "urlretrieve" ] |
["six", "moves", "urllib", "request", "urlopen" | "urlretrieve" ] => {
if call.arguments.args.iter().all(|arg| !arg.is_starred_expr()) && call.arguments.keywords.iter().all(|keyword| keyword.arg.is_some()) {
if let Some(arg) = &call.arguments.find_argument("url", 0) {
match call.arguments.find_argument("url", 0) {
// If the `url` argument is a string literal, allow `http` and `https` schemes.
if let Expr::StringLiteral(ast::ExprStringLiteral { value, .. }) = arg {
Some(Expr::StringLiteral(ast::ExprStringLiteral { value, .. })) => {
let url = value.to_str().trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
}
},
// If the `url` argument is an f-string literal, allow `http` and `https` schemes.
Some(Expr::FString(ast::ExprFString { value, .. })) => {
if let Some(ast::FStringElement::Literal(ast::FStringLiteralElement { value, .. })) = value.elements().next() {
let url = value.trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
}
},
// If the `url` argument is a `urllib.request.Request` object, allow `http` and `https` schemes.
if let Expr::Call(ExprCall { func, arguments, .. }) = arg {
Some(Expr::Call(ExprCall { func, arguments, .. })) => {
if checker.semantic().resolve_qualified_name(func.as_ref()).is_some_and(|name| name.segments() == ["urllib", "request", "Request"]) {
if let Some( Expr::StringLiteral(ast::ExprStringLiteral { value, .. })) = arguments.find_argument("url", 0) {
match arguments.find_argument("url", 0) {
// If the `url` argument is a string literal, allow `http` and `https` schemes.
Some(Expr::StringLiteral(ast::ExprStringLiteral { value, .. })) => {
let url = value.to_str().trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
},
// If the `url` argument is an f-string literal, allow `http` and `https` schemes.
Some(Expr::FString(ast::ExprFString { value, .. })) => {
if let Some(ast::FStringElement::Literal(ast::FStringLiteralElement { value, .. })) = value.elements().next() {
let url = value.trim_start();
if url.starts_with("http://") || url.starts_with("https://") {
return None;
}
}
},
_ => {}
}
}
}
},
_ => {}
}
}
Some(SuspiciousURLOpenUsage.into())
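Review bot: The new `Expr::FString` arms decide the scheme from `value.elements().next()`, which I believe walks only the f-string parts of an implicitly concatenated value; if so, a plain literal part placed before the f-string (constructed case: `'file:///' f'http://{x}'`) is skipped and the call is treated as HTTP-safe, a false negative for S310. Inspecting the first part of the value, and only then its first element, would close that gap. The same literal/f-string check is now repeated in the `Request`, `urlopen`/`urlretrieve` and nested-`Request` branches, so one private helper taking the argument expression would keep the three copies from drifting apart. A comment such as `// the scheme is fixed by the leading literal; later replacement fields cannot change it` would record why looking at the first element alone is sufficient. `suspicious_function_call` starts and ends outside the visible hunks.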


@ -1,150 +1,212 @@
---
source: crates/ruff_linter/src/rules/flake8_bandit/mod.rs
---
S310.py:4:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
S310.py:5:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
3 | urllib.request.urlopen(url='http://www.google.com')
4 | urllib.request.urlopen(url='http://www.google.com', **kwargs)
4 | urllib.request.urlopen(url=f'http://www.google.com')
5 | urllib.request.urlopen(url='http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
5 | urllib.request.urlopen('http://www.google.com')
6 | urllib.request.urlopen('file:///foo/bar/baz')
6 | urllib.request.urlopen(url=f'http://www.google.com', **kwargs)
7 | urllib.request.urlopen('http://www.google.com')
|
S310.py:6:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
4 | urllib.request.urlopen(url='http://www.google.com', **kwargs)
5 | urllib.request.urlopen('http://www.google.com')
6 | urllib.request.urlopen('file:///foo/bar/baz')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
7 | urllib.request.urlopen(url)
|
S310.py:7:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
5 | urllib.request.urlopen('http://www.google.com')
6 | urllib.request.urlopen('file:///foo/bar/baz')
7 | urllib.request.urlopen(url)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
8 |
9 | urllib.request.Request(url='http://www.google.com', **kwargs)
4 | urllib.request.urlopen(url=f'http://www.google.com')
5 | urllib.request.urlopen(url='http://www.google.com', **kwargs)
6 | urllib.request.urlopen(url=f'http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
7 | urllib.request.urlopen('http://www.google.com')
8 | urllib.request.urlopen(f'http://www.google.com')
|
S310.py:9:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
7 | urllib.request.urlopen(url)
8 |
9 | urllib.request.Request(url='http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
10 | urllib.request.Request(url='http://www.google.com')
11 | urllib.request.Request('http://www.google.com')
|
S310.py:12:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
10 | urllib.request.Request(url='http://www.google.com')
11 | urllib.request.Request('http://www.google.com')
12 | urllib.request.Request('file:///foo/bar/baz')
7 | urllib.request.urlopen('http://www.google.com')
8 | urllib.request.urlopen(f'http://www.google.com')
9 | urllib.request.urlopen('file:///foo/bar/baz')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
13 | urllib.request.Request(url)
10 | urllib.request.urlopen(url)
|
S310.py:13:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
S310.py:10:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
11 | urllib.request.Request('http://www.google.com')
12 | urllib.request.Request('file:///foo/bar/baz')
13 | urllib.request.Request(url)
8 | urllib.request.urlopen(f'http://www.google.com')
9 | urllib.request.urlopen('file:///foo/bar/baz')
10 | urllib.request.urlopen(url)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
14 |
15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
11 |
12 | urllib.request.Request(url='http://www.google.com')
|
S310.py:14:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
12 | urllib.request.Request(url='http://www.google.com')
13 | urllib.request.Request(url=f'http://www.google.com')
14 | urllib.request.Request(url='http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
15 | urllib.request.Request(url=f'http://www.google.com', **kwargs)
16 | urllib.request.Request('http://www.google.com')
|
S310.py:15:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
13 | urllib.request.Request(url)
14 |
15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
16 | urllib.request.URLopener().open(fullurl='http://www.google.com')
17 | urllib.request.URLopener().open('http://www.google.com')
|
S310.py:16:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
16 | urllib.request.URLopener().open(fullurl='http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
17 | urllib.request.URLopener().open('http://www.google.com')
18 | urllib.request.URLopener().open('file:///foo/bar/baz')
|
S310.py:17:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
15 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
16 | urllib.request.URLopener().open(fullurl='http://www.google.com')
17 | urllib.request.URLopener().open('http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
18 | urllib.request.URLopener().open('file:///foo/bar/baz')
19 | urllib.request.URLopener().open(url)
13 | urllib.request.Request(url=f'http://www.google.com')
14 | urllib.request.Request(url='http://www.google.com', **kwargs)
15 | urllib.request.Request(url=f'http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
16 | urllib.request.Request('http://www.google.com')
17 | urllib.request.Request(f'http://www.google.com')
|
S310.py:18:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
16 | urllib.request.URLopener().open(fullurl='http://www.google.com')
17 | urllib.request.URLopener().open('http://www.google.com')
18 | urllib.request.URLopener().open('file:///foo/bar/baz')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
19 | urllib.request.URLopener().open(url)
16 | urllib.request.Request('http://www.google.com')
17 | urllib.request.Request(f'http://www.google.com')
18 | urllib.request.Request('file:///foo/bar/baz')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
19 | urllib.request.Request(url)
|
S310.py:19:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
17 | urllib.request.URLopener().open('http://www.google.com')
18 | urllib.request.URLopener().open('file:///foo/bar/baz')
19 | urllib.request.URLopener().open(url)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
17 | urllib.request.Request(f'http://www.google.com')
18 | urllib.request.Request('file:///foo/bar/baz')
19 | urllib.request.Request(url)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
20 |
21 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'))
21 | urllib.request.URLopener().open(fullurl='http://www.google.com')
|
S310.py:21:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
19 | urllib.request.Request(url)
20 |
21 | urllib.request.URLopener().open(fullurl='http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
22 | urllib.request.URLopener().open(fullurl=f'http://www.google.com')
23 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
|
S310.py:22:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
21 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'))
22 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
23 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
24 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
21 | urllib.request.URLopener().open(fullurl='http://www.google.com')
22 | urllib.request.URLopener().open(fullurl=f'http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
23 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
24 | urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
|
S310.py:23:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
21 | urllib.request.URLopener().open(fullurl='http://www.google.com')
22 | urllib.request.URLopener().open(fullurl=f'http://www.google.com')
23 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
24 | urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
25 | urllib.request.URLopener().open('http://www.google.com')
|
S310.py:24:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
22 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
23 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
24 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
25 | urllib.request.urlopen(urllib.request.Request(url))
|
S310.py:24:24: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
22 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
23 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
24 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
25 | urllib.request.urlopen(urllib.request.Request(url))
22 | urllib.request.URLopener().open(fullurl=f'http://www.google.com')
23 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
24 | urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
25 | urllib.request.URLopener().open('http://www.google.com')
26 | urllib.request.URLopener().open(f'http://www.google.com')
|
S310.py:25:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
23 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
24 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
25 | urllib.request.urlopen(urllib.request.Request(url))
23 | urllib.request.URLopener().open(fullurl='http://www.google.com', **kwargs)
24 | urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
25 | urllib.request.URLopener().open('http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
26 | urllib.request.URLopener().open(f'http://www.google.com')
27 | urllib.request.URLopener().open('file:///foo/bar/baz')
|
S310.py:26:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
24 | urllib.request.URLopener().open(fullurl=f'http://www.google.com', **kwargs)
25 | urllib.request.URLopener().open('http://www.google.com')
26 | urllib.request.URLopener().open(f'http://www.google.com')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
27 | urllib.request.URLopener().open('file:///foo/bar/baz')
28 | urllib.request.URLopener().open(url)
|
S310.py:27:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
25 | urllib.request.URLopener().open('http://www.google.com')
26 | urllib.request.URLopener().open(f'http://www.google.com')
27 | urllib.request.URLopener().open('file:///foo/bar/baz')
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
28 | urllib.request.URLopener().open(url)
|
S310.py:28:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
26 | urllib.request.URLopener().open(f'http://www.google.com')
27 | urllib.request.URLopener().open('file:///foo/bar/baz')
28 | urllib.request.URLopener().open(url)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
29 |
30 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'))
|
S310.py:32:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
30 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'))
31 | urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'))
32 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
33 | urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'), **kwargs)
34 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
|
S310.py:33:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
31 | urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'))
32 | urllib.request.urlopen(url=urllib.request.Request('http://www.google.com'), **kwargs)
33 | urllib.request.urlopen(url=urllib.request.Request(f'http://www.google.com'), **kwargs)
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
34 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
35 | urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
|
S310.py:36:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
34 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
35 | urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
36 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
37 | urllib.request.urlopen(urllib.request.Request(url))
|
S310.py:36:24: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
34 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
35 | urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
36 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
37 | urllib.request.urlopen(urllib.request.Request(url))
|
S310.py:37:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
35 | urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
36 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
37 | urllib.request.urlopen(urllib.request.Request(url))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
|
S310.py:25:24: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
S310.py:37:24: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
|
23 | urllib.request.urlopen(urllib.request.Request('http://www.google.com'))
24 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
25 | urllib.request.urlopen(urllib.request.Request(url))
35 | urllib.request.urlopen(urllib.request.Request(f'http://www.google.com'))
36 | urllib.request.urlopen(urllib.request.Request('file:///foo/bar/baz'))
37 | urllib.request.urlopen(urllib.request.Request(url))
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^ S310
|