Skip to content

Import cornice tests#3506

Draft
leplatrem wants to merge 4 commits intomainfrom
import-cornice-tests
Draft

Import cornice tests#3506
leplatrem wants to merge 4 commits intomainfrom
import-cornice-tests

Conversation

@leplatrem
Copy link
Copy Markdown
Contributor

@leplatrem leplatrem commented Feb 21, 2025

No description provided.

github-advanced-security[bot]
github-advanced-security AI found potential problems Feb 21, 2025
View reviewed changes
Comment thread tests/core/cornice/test_service.py
foo = Service(name="foo", path="/foo", cors_origins=("mozilla.org",))
foo.add_view("GET", _stub, cors_origins=("lolnet.org",))

self.assertTrue("mozilla.org" in foo.cors_origins_for("GET"))

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [mozilla.org](1) may be at an arbitrary position in the sanitized URL.
Comment thread tests/core/cornice/test_service.py
foo.add_view("GET", _stub, cors_origins=("lolnet.org",))

self.assertTrue("mozilla.org" in foo.cors_origins_for("GET"))
self.assertTrue("lolnet.org" in foo.cors_origins_for("GET"))

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [lolnet.org](1) may be at an arbitrary position in the sanitized URL.
Comment thread tests/core/cornice/test_service.py
self.assertTrue("lolnet.org" in foo.cors_origins_for("GET"))

foo.add_view("POST", _stub)
self.assertFalse("lolnet.org" in foo.cors_origins_for("POST"))

Check failure

Code scanning / CodeQL

Incomplete URL substring sanitization

The string [lolnet.org](1) may be at an arbitrary position in the sanitized URL.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@leplatrem @github-advanced-security