Merge "Added missing HTTP verbs to the requests checks"
commit
bde5f958be
|
@ -20,12 +20,9 @@ from bandit.core.test_properties import *
|
|||
|
||||
@checks('Call')
|
||||
def request_with_no_cert_validation(context):
|
||||
if (
|
||||
'requests' in context.call_function_name_qual and (
|
||||
'get' in context.call_function_name or
|
||||
'post' in context.call_function_name)
|
||||
):
|
||||
|
||||
http_verbs = ('get', 'options', 'head', 'post', 'put', 'patch', 'delete')
|
||||
if ('requests' in context.call_function_name_qual and
|
||||
context.call_function_name in http_verbs):
|
||||
if context.check_call_arg_value('verify', 'False'):
|
||||
|
||||
return bandit.Issue(
|
||||
|
|
|
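Review bot: The new `http_verbs` tuple still leaves out `request`, so a call such as `requests.request('GET', url, verify=False)` is not flagged by the `context.call_function_name in http_verbs` test, even though it disables certificate validation just like the seven listed verbs. Adding it, `http_verbs = ('get', 'options', 'head', 'post', 'put', 'patch', 'delete', 'request')`, would close that gap; the example file and the expected count of 7 in `test_requests_ssl_verify_disabled` would then need a matching case. Calls made on a session object probably also escape the check, because `'requests' in context.call_function_name_qual` depends on the qualified name containing the module name; this is worth confirming. The tuple is also rebuilt on every visited call, so a module-level constant would be tidier. The body of `request_with_no_cert_validation` continues past the end of the hunk.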
@ -4,3 +4,13 @@ requests.get('https://gmail.com', verify=True)
|
|||
requests.get('https://gmail.com', verify=False)
|
||||
requests.post('https://gmail.com', verify=True)
|
||||
requests.post('https://gmail.com', verify=False)
|
||||
requests.put('https://gmail.com', verify=True)
|
||||
requests.put('https://gmail.com', verify=False)
|
||||
requests.delete('https://gmail.com', verify=True)
|
||||
requests.delete('https://gmail.com', verify=False)
|
||||
requests.patch('https://gmail.com', verify=True)
|
||||
requests.patch('https://gmail.com', verify=False)
|
||||
requests.options('https://gmail.com', verify=True)
|
||||
requests.options('https://gmail.com', verify=False)
|
||||
requests.head('https://gmail.com', verify=True)
|
||||
requests.head('https://gmail.com', verify=False)
|
||||
|
|
|
@ -266,7 +266,7 @@ class FunctionalTests(testtools.TestCase):
|
|||
|
||||
def test_requests_ssl_verify_disabled(self):
|
||||
'''Test for the `requests` library skipping verification.'''
|
||||
expect = {'SEVERITY': {'HIGH': 2}, 'CONFIDENCE': {'HIGH': 2}}
|
||||
expect = {'SEVERITY': {'HIGH': 7}, 'CONFIDENCE': {'HIGH': 7}}
|
||||
self.check_example('requests-ssl-verify-disabled.py', expect)
|
||||
|
||||
def test_skip(self):
|
||||
|
|