Skip to content

Commit bbba906

Browse files
am0o0am0o0
committed
a little bit change on flask example
1 parent 6f8ec11 commit bbba906

2 files changed

Lines changed: 3 additions & 9 deletions

File tree

python/ql/src/experimental/Security/CWE-287-ConstantSecretKey/examples/example_Flask_safe.py

Lines changed: 2 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -7,11 +7,8 @@
77

88

99
@app.route('/')
10-
def DEB_EX():
11-
if 'logged_in' not in session:
12-
session['logged_in'] = 'value'
13-
# debuggin whether secret_key is secure or not
14-
return app.secret_key
10+
def CheckForSecretKeyValue():
11+
return app.secret_key, session.get('logged_in')
1512

1613

1714
if __name__ == '__main__':

python/ql/src/experimental/Security/CWE-287-ConstantSecretKey/examples/example_Flask_unsafe.py

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -14,10 +14,7 @@
1414

1515

1616
@app.route('/')
17-
def DEB_EX():
18-
if 'logged_in' not in session:
19-
session['logged_in'] = 'value'
20-
# debugging whether secret_key is secure or not
17+
def CheckForSecretKeyValue():
2118
return app.secret_key, session.get('logged_in')
2219

2320

0 commit comments

Comments
 (0)