Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Fall 2021] Step 2: Coverage Improvement - Cover Flask class based views #52

Open
onionymous opened this issue Sep 20, 2021 · 0 comments
Open

[Fall 2021] Step 2: Coverage Improvement - Cover Flask class based views #52

onionymous opened this issue Sep 20, 2021 · 0 comments
Assignees
@EshikaShah
Labels
coverage improvement Adds coverage improvement for missing model or rule in Pysa Fall 2021 Issues related to the Pysa project for MLH Fellowship cohort of Fall 2021 step 2 Level 2 project for MLH Fall 2021

Comments

@onionymous
Copy link
Collaborator

onionymous commented Sep 20, 2021
edited by 0xedward
Loading

Flask is a popular open-source web framework written in Python. Pysa already has some models for Flask (see flask_sources_sinks.pysa), but we are missing some coverage.

A view function in Flask is code that responds to an application, which can take in user-controlled data and return a response. Flask also supports class-based views as an alternate way of defining views.

It looks like some functions on the View classes such as (but not limited to) get/post/other verbs as well as dispatch_request can accept user-controlled data and return data to users. We should taint all the function parameters as being sources of UserControlled data and the functions as being returning data to users. Consider also looking into the as_view function and how we might model that.

The Pysa DSL might be useful for doing this.

Submitting a PR

We use the following linters internally, so to save everyone's time, please make sure you run the following linters locally and fix errors related to the files you modified before submitting a PR:

black && usort format . && flake8

To install the linters, you can run the following command:

pip install flake8 usort black==21.4b2
@onionymous onionymous added Fall 2021 Issues related to the Pysa project for MLH Fellowship cohort of Fall 2021 coverage improvement Adds coverage improvement for missing model or rule in Pysa step 1 Level 1 project for MLH Fall 2021 labels Sep 20, 2021
@onionymous onionymous changed the title [Fall 2021] Coverage Improvement - Cover Flask class based views [Fall 2021] Step 1: Coverage Improvement - Cover Flask class based views Sep 20, 2021
@onionymous onionymous changed the title [Fall 2021] Step 1: Coverage Improvement - Cover Flask class based views [Fall 2021] Step 2: Coverage Improvement - Cover Flask class based views Sep 27, 2021
@onionymous onionymous added step 2 Level 2 project for MLH Fall 2021 and removed step 1 Level 1 project for MLH Fall 2021 labels Sep 27, 2021
@EshikaShah EshikaShah self-assigned this Nov 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@EshikaShah EshikaShah

Labels
coverage improvement Adds coverage improvement for missing model or rule in Pysa Fall 2021 Issues related to the Pysa project for MLH Fellowship cohort of Fall 2021 step 2 Level 2 project for MLH Fall 2021
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@onionymous @EshikaShah