Validate scheme used in urlopen

An invalid URL scheme could be passed to urlopen in the Python k8s
swagger client to violate security.  Validate that the URL scheme is
either http or https, and turn off noise from bandit.

Change-Id: I15fe8f9953e526beb25d84895ed3925a758ccda4
Implements: blueprint gate-bandit
Steven Dake 2015-04-12 14:42:30 -07:00
parent c9b7bd6b2c
commit 8adf61ea90
1 changed files with 4 additions and 1 deletions


@ -17,6 +17,7 @@ import mimetypes
import random
import string
from magnum import utils
from models import *
@ -94,11 +95,13 @@ class ApiClient(object):
else:
raise Exception('Method ' + method + ' is not recognized.')
utils.raise_exception_invalid_scheme(url)
request = MethodRequest(method=method, url=url, headers=headers,
data=data)
# Make the request
response = urllib2.urlopen(request)
response = urllib2.urlopen(request) #nosec
if 'Set-Cookie' in response.headers:
self.cookie = response.headers['Set-Cookie']
string = response.read()
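Review bot: The bare `#nosec` on the `urllib2.urlopen(request)` line silences every bandit finding on that line and records no reason, so a later edit that moves or drops the `utils.raise_exception_invalid_scheme(url)` call would leave the suppression in place with nothing to flag it. I would put the justification next to the marker, e.g. `response = urllib2.urlopen(request)  # nosec - url scheme checked by raise_exception_invalid_scheme above`. The check also covers only the initial `url`: urlopen follows redirects by default and the redirect target is not re-validated here, so a comment should say the guarantee applies to the request URL only. The helper's body and the rest of this ApiClient method are outside the hunk, so how the scheme is parsed (case handling, prefix match versus a real URL parse) cannot be confirmed from this page.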