diff --git a/bandit/blacklists/calls.py b/bandit/blacklists/calls.py index 65e471d86..98ba23fd3 100644 --- a/bandit/blacklists/calls.py +++ b/bandit/blacklists/calls.py @@ -137,6 +137,8 @@ B309: httpsconnection --------------------- +The check for this call has been removed. + Use of HTTPSConnection on older versions of Python prior to 2.7.9 and 3.4.3 do not provide security, see https://wiki.openstack.org/wiki/OSSN/OSSN-0033 @@ -479,21 +481,7 @@ def gen_blacklist(): ) ) - sets.append( - utils.build_conf_dict( - "httpsconnection", - "B309", - issue.Cwe.CLEARTEXT_TRANSMISSION, - [ - "httplib.HTTPSConnection", - "http.client.HTTPSConnection", - "six.moves.http_client.HTTPSConnection", - ], - "Use of HTTPSConnection on older versions of Python prior to 2.7.9" - " and 3.4.3 do not provide security, see " - "https://wiki.openstack.org/wiki/OSSN/OSSN-0033", - ) - ) + # skipped B309 as the check for a call to httpsconnection has been removed sets.append( utils.build_conf_dict( diff --git a/examples/httplib_https.py b/examples/httplib_https.py deleted file mode 100644 index f5de3f974..000000000 --- a/examples/httplib_https.py +++ /dev/null @@ -1,8 +0,0 @@ -import httplib -c = httplib.HTTPSConnection("example.com") - -import http.client -c = http.client.HTTPSConnection("example.com") - -import six -six.moves.http_client.HTTPSConnection("example.com") diff --git a/tests/functional/test_functional.py b/tests/functional/test_functional.py index c45afa58a..a27f69f86 100644 --- a/tests/functional/test_functional.py +++ b/tests/functional/test_functional.py 
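Review bot: The comment left in gen_blacklist() in place of the removed entry (`# skipped B309 as the check for a call to httpsconnection has been removed`) says the check is gone but not why, and it does not say the ID must stay unassigned. B309 can still appear in users' skip/test lists and `# nosec B309` markers, so reusing the ID later would silently attach those suppressions to an unrelated check. I would spell that out, e.g. `# B309 (httpsconnection) retired: the issue applied only to Python before 2.7.9 / 3.4.3; keep the ID reserved, do not reuse`. It is also worth confirming how a profile that still names B309 is handled after this change, since no visible hunk covers that case. gen_blacklist() starts and ends outside the hunk.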
@@ -196,14 +196,6 @@ def test_hardcoded_tmp(self):
 }
 self.check_example("hardcoded-tmp.py", expect)
 
- def test_httplib_https(self):
- """Test for `httplib.HTTPSConnection`."""
- expect = {
- "SEVERITY": {"UNDEFINED": 0, "LOW": 0, "MEDIUM": 3, "HIGH": 0},
- "CONFIDENCE": {"UNDEFINED": 0, "LOW": 0, "MEDIUM": 0, "HIGH": 3},
- }
- self.check_example("httplib_https.py", expect)
-
 def test_imports_aliases(self):
 """Test the `import X as Y` syntax."""
 if sys.version_info >= (3, 9):