Feb-15-2019, 10:55 PM
Hello
I produced a python code and I already checked and removed all the vulnerabilities. But I need help to disclose any lift vulnerability that I did not see it.
I produced a python code and I already checked and removed all the vulnerabilities. But I need help to disclose any lift vulnerability that I did not see it.
import base64 import mimetypes import os import hashlib import hmac import requests from django.core.urlresolvers import reverse from django.http import HttpResponse from django.shortcuts import redirect, render from django.views.decorators.csrf import csrf_exempt def function(s): return s.strip().replace(' ', '').lower() def form(request): env = {'message': request.GET.get('message', 'hello')} response = render(request, 'forms/form.html', env) response.set_cookie(key='msg_rendered_at', value=time.time()) return response def proxy(request): url = request.GET.get('url') return redirect(url) def compute_hmac_signature(message, key): key = bytes(key, 'UTF-8') message = bytes(message, 'UTF-8') digest = hmac.new(key, message, hashlib.sha1).hexdigest() return "sha1={}".format(str(digest)) def user_pic(request): """A view that returns the user's avatar image""" base_path = os.path.join(os.path.dirname(__file__), '../../static/avatars') filename = request.GET.get('u') try: data = open(os.path.join(base_path, filename), 'rb').read() except IOError: return render(request, 'templates/avatar.html') return HttpResponse(data, content_type=mimetypes.guess_type(filename)[0])