python-security/pyt

pyt/vulnerability_definitions/django_trigger_words.pyt

{
    "sources": [
        "POST.get(",
        "GET.get(",
        "META.get(",
        "POST[",
        "GET[",
        "META[",
        "FILES[",
        ".data",
        "form[",
        "form(",
        "mark_safe(",
        "cookies[",
        "files[",
        "SQLAlchemy"
    ],
    "sinks": {
        "replace(": {
            "sanitisers": [
                "escape"
            ]
        },
        "send_file(": {
            "sanitisers": [
                "'..'",
                "'..' in"
            ]
        },
        "execute(": {},
        "system(": {},
        "filter(": {},
        "subprocess.call(": {},
        "render_template(": {},
        "set_cookie(": {},
        "redirect(": {},
        "url_for(": {},
        "flash(": {},
        "jsonify(": {},
        "render(": {},
        "render_to_response(": {},
        "Popen(": {}
    }
}