B703: django_mark_safe
- bandit.plugins.django_xss.django_mark_safe(context)[source]
B703: Potential XSS on mark_safe function
- Example:
>> Issue: [B703:django_mark_safe] Potential XSS on mark_safe function. Severity: Medium Confidence: High CWE: CWE-80 (https://cwe.mitre.org/data/definitions/80.html) Location: examples/mark_safe_insecure.py:159:4 More Info: https://bandit.readthedocs.io/en/latest/plugins/b703_django_mark_safe.html 158 str_arg = 'could be insecure' 159 safestring.mark_safe(str_arg)
See also
New in version 1.5.0.
Changed in version 1.7.3: CWE information added