Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/translations.py
- branch
- eric7
- changeset 11297
- 2c773823fb7d
- parent 11148
- 15e30f0c76a8
- child 11300
- 0119e3818e12
equal
deleted
inserted
replaced
| 11296:2894ef54fe84 | 11297:2c773823fb7d |
|---|---|
| 377 "Security", | 377 "Security", |
| 378 "The Python source file contains bidirectional control characters ({0}).", | 378 "The Python source file contains bidirectional control characters ({0}).", |
| 379 ), | 379 ), |
| 380 # PyTorch unsafe load or save | 380 # PyTorch unsafe load or save |
| 381 "S-614": QCoreApplication.translate( | 381 "S-614": QCoreApplication.translate( |
| 382 "Security", "Use of unsafe PyTorch load or save." | 382 "Security", "Use of unsafe PyTorch load." |
| 383 ), | 383 ), |
| 384 # Jinja2 templates | 384 # Jinja2 templates |
| 385 "S-701.1": QCoreApplication.translate( | 385 "S-701.1": QCoreApplication.translate( |
| 386 "Security", | 386 "Security", |
| 387 "Using jinja2 templates with 'autoescape=False' is dangerous and can" | 387 "Using jinja2 templates with 'autoescape=False' is dangerous and can" |
| 403 " example, to HTML escape the variable 'data' do ${{ data |h }}.", | 403 " example, to HTML escape the variable 'data' do ${{ data |h }}.", |
| 404 ), | 404 ), |
| 405 # Django XSS vulnerability | 405 # Django XSS vulnerability |
| 406 "S-703": QCoreApplication.translate( | 406 "S-703": QCoreApplication.translate( |
| 407 "Security", "Potential XSS on 'mark_safe()' function." | 407 "Security", "Potential XSS on 'mark_safe()' function." |
| 408 ), | |
| 409 # Markupsafe XSS vulnerability | |
| 410 "S-704": QCoreApplication.translate( | |
| 411 "Security", | |
| 412 "Potential XSS with '{0}' detected. Do not use '{1}' on untrusted data.", | |
| 408 ), | 413 ), |
| 409 # hardcoded AWS passwords | 414 # hardcoded AWS passwords |
| 410 "S-801": QCoreApplication.translate( | 415 "S-801": QCoreApplication.translate( |
| 411 "Security", "Possible hardcoded AWS access key ID: {0}" | 416 "Security", "Possible hardcoded AWS access key ID: {0}" |
| 412 ), | 417 ), |
| 445 "S-412": ["wsgiref.handlers.CGIHandler"], | 450 "S-412": ["wsgiref.handlers.CGIHandler"], |
| 446 "S-413": ["Crypto.Cipher"], | 451 "S-413": ["Crypto.Cipher"], |
| 447 "S-505": ["RSA", 2048], | 452 "S-505": ["RSA", 2048], |
| 448 "S-609": ["os.system"], | 453 "S-609": ["os.system"], |
| 449 "S-613": [repr("\u202e")], | 454 "S-613": [repr("\u202e")], |
| 455 "S-704": ["markupsafe.Markup", "Markup"], | |
| 450 "S-801": ["A1B2C3D4E5F6G7H8I9J0"], # secok | 456 "S-801": ["A1B2C3D4E5F6G7H8I9J0"], # secok |
| 451 "S-802": ["aA1bB2cC3dD4/eE5fF6gG7+hH8iI9jJ0=kKlLM+="], # secok | 457 "S-802": ["aA1bB2cC3dD4/eE5fF6gG7+hH8iI9jJ0=kKlLM+="], # secok |
| 452 } | 458 } |
