Mercurial Repositories > eric / file comparison
comparison: src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/requestWithoutTimeout.py
src/eric7/Plugins/CheckerPlugins/CodeStyleChecker/Security/Checks/requestWithoutTimeout.py
- branch
- eric7
- changeset 10996
- a3dc181d14e1
- parent 10683
- 779cda568acb
- child 11090
- f5f5f5803935
equal
deleted
inserted
replaced
| 10995:f94a27bbf6c4 | 10996:a3dc181d14e1 |
|---|---|
| 2 | 2 |
| 3 # Copyright (c) 2022 - 2024 Detlev Offenbach <detlev@die-offenbachs.de> | 3 # Copyright (c) 2022 - 2024 Detlev Offenbach <detlev@die-offenbachs.de> |
| 4 # | 4 # |
| 5 | 5 |
| 6 """ | 6 """ |
| 7 Module implementing checks for using requests without timeout. | 7 Module implementing checks for using 'requests' or 'httpx' calls without timeout. |
| 8 """ | 8 """ |
| 9 | 9 |
| 10 # | 10 # |
| 11 # This is a modified version of the one found in the bandit package. | 11 # This is a modified version of the one found in the bandit package. |
| 12 # | 12 # |
| 38 @param context security context object | 38 @param context security context object |
| 39 @type SecurityContext | 39 @type SecurityContext |
| 40 @param _config dictionary with configuration data (unused) | 40 @param _config dictionary with configuration data (unused) |
| 41 @type dict | 41 @type dict |
| 42 """ | 42 """ |
| 43 httpVerbs = ("get", "options", "head", "post", "put", "patch", "delete") | 43 httpVerbs = {"get", "options", "head", "post", "put", "patch", "delete"} |
| 44 httpxAttrs = {"request", "stream", "Client", "AsyncClient"} | httpVerbs | |
| 44 qualName = context.callFunctionNameQual.split(".")[0] | 45 qualName = context.callFunctionNameQual.split(".")[0] |
| 45 if qualName == "requests" and context.callFunctionName in httpVerbs: | 46 if (qualName == "requests" and context.callFunctionName in httpVerbs) or ( |
| 47 qualName == "httpx" and context.callFunctionName in httpxAttrs | |
| 48 ): | |
| 46 # check for missing timeout | 49 # check for missing timeout |
| 47 if context.checkCallArgValue("timeout") is None: | 50 if context.checkCallArgValue("timeout") is None: |
| 48 reportError( | 51 reportError( |
| 49 context.node.lineno - 1, | 52 context.node.lineno - 1, |
| 50 context.node.col_offset, | 53 context.node.col_offset, |
| 51 "S114.1", | 54 "S114.1", |
| 52 "M", | 55 "M", |
| 53 "L", | 56 "L", |
| 57 qualName, | |
| 54 ) | 58 ) |
| 55 | 59 |
| 56 # check for timeout=None | 60 # check for timeout=None |
| 57 if context.checkCallArgValue("timeout", "None"): | 61 if context.checkCallArgValue("timeout", "None"): |
| 58 reportError( | 62 reportError( |
| 59 context.node.lineno - 1, | 63 context.node.lineno - 1, |
| 60 context.node.col_offset, | 64 context.node.col_offset, |
| 61 "S114.2", | 65 "S114.2", |
| 62 "M", | 66 "M", |
| 63 "L", | 67 "L", |
| 68 qualName, | |
| 64 ) | 69 ) |
