Ejemplo n.º 1
def filter_json_xsrf(response):
    """Log a warning when a JSON response body is not in a "safe" shape.

    Only responses whose content type is ``application/json`` or
    ``text/json`` are inspected.  The body is tested against the
    ``safe_json_re`` pattern, which is defined outside this function; a
    warning is logged when the pattern does not match.

    The check is advisory only: the response object is returned unchanged
    on every path, so nothing is blocked or rewritten here.  Anyone relying
    on it as a control should make sure the warning is actually surfaced
    (log level, handlers) and acted on.
    """
    json_types = ('application/json', 'text/json')
    if response.content_type not in json_types:
        return response
    if safe_json_re.match(response.body) is not None:
        return response

    # Imported at call time, as in the original.
    # NOTE(review): presumably this avoids a circular import with the
    # cornice package -- confirm before moving it to module level.
    from cornice import logger
    # NOTE(review): if ``logger`` is a standard ``logging.Logger``, ``warn``
    # is the deprecated alias of ``warning``.
    logger.warn("returning a json string or array is a potential "
        "security hole, please ensure you really want to do this.")
    return response
Ejemplo n.º 2
def filter_json_xsrf(response):
    """Warn when a service returns JSON that may be exploitable.

    The body of an ``application/json`` or ``text/json`` response is checked
    against ``safe_json_re`` (defined elsewhere in the module).  If the
    pattern does not match, a warning is written to the cornice logger.

    This filter never alters or rejects the response; it only reports.  The
    same response object that was passed in is always returned.
    """
    is_json = response.content_type in ('application/json', 'text/json')
    # ``and`` short-circuits, so the body is only examined for JSON types.
    if is_json and safe_json_re.match(response.body) is None:
        # Deferred import kept from the original implementation.
        from cornice import logger
        message = (
            "returning a json string or array is a potential "
            "security hole, please ensure you really want to do this.")
        logger.warn(message)
    return response
Ejemplo n.º 3
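def filter_json_xsrf(response):
    """Log a warning if a service is returning a top-level JSON array.

    A top-level JSON array is also a valid JavaScript expression, so such a
    response could historically be pulled in cross-origin through a script
    include ("JSON hijacking").  Returning an object at the top level
    avoids the problem.  See
    http://wiki.pylonshq.com/display/pylonsfaq/Warnings for more info.

    Only ``application/json`` and ``text/json`` responses are inspected.
    The check is advisory: the response is returned unchanged on every
    path, so this filter does not block anything by itself.

    Fixes relative to the previous pattern ``\\s?[\\(\\[).*[\\)\\]]\\s?``:

    * the first character class was never closed, so the whole expression
      collapsed into one class that matched any body starting with one of
      ``( [ ) . * ]``;
    * only a single leading whitespace character was tolerated, so an
      array preceded by more whitespace was not reported;
    * a text pattern cannot be applied to a ``bytes`` body on Python 3.
    """
    if response.content_type not in ('application/json', 'text/json'):
        return response

    body = response.body
    # Use a pattern of the same type as the body; mixing str and bytes
    # raises TypeError on Python 3.
    if isinstance(body, bytes):
        array_like = br'\s*[\(\[].*[\)\]]'
    else:
        array_like = r'\s*[\(\[].*[\)\]]'

    # DOTALL so that a pretty-printed (multi-line) array is still reported.
    if re.match(array_like, body, re.DOTALL):
        from cornice import logger
        # ``warning`` rather than the deprecated ``warn`` alias.
        logger.warning("returning a json array is a potential security "
                       "hole, please ensure you really want to do this. See "
                       "http://wiki.pylonshq.com/display/pylonsfaq/Warnings "
                       "for more info")
    return response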
Ejemplo n.º 4
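def filter_json_xsrf(response):
    """Log a warning if a service is returning a top-level JSON array.

    Top-level arrays are valid JavaScript, which made them readable
    cross-origin via a script include in older browsers ("JSON hijacking");
    wrapping the payload in an object avoids this.  See
    http://wiki.pylonshq.com/display/pylonsfaq/Warnings for more info
    on this.

    The filter inspects ``application/json`` and ``text/json`` responses
    only, and never modifies or rejects them: the same response object is
    always returned.

    The earlier pattern ``\\s?[\\(\\[).*[\\)\\]]\\s?`` had an unclosed first
    character class, which turned the whole expression into a single class
    matching one leading character out of ``( [ ) . * ]``.  It also allowed
    at most one leading whitespace character and could not be applied to a
    ``bytes`` body on Python 3.  The pattern below expresses the intended
    check: an opening ``[`` or ``(`` followed later by ``]`` or ``)``.
    """
    is_json = response.content_type in ('application/json', 'text/json')
    if is_json:
        body = response.body
        pattern = r'\s*[\(\[].*[\)\]]'
        if isinstance(body, bytes):
            # Keep pattern and subject the same type (required on Python 3).
            pattern = pattern.encode('ascii')
        # DOTALL: arrays spanning several lines must be reported too.
        if re.match(pattern, body, re.DOTALL) is not None:
            from cornice import logger
            # ``warning`` replaces the deprecated ``warn`` alias.
            logger.warning(
                "returning a json array is a potential security "
                "hole, please ensure you really want to do this. See "
                "http://wiki.pylonshq.com/display/pylonsfaq/Warnings "
                "for more info")
    return response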