sdk/python/Web Frameworks/PyWsgiref

PyWsgiref

The wsgiref module for WSGI utilities. simple_server.make_server is dev-only — production should use gunicorn or waitress. util.request_uri reconstructs the URL from environ and is a source.

1 source1 sink

Taint flow1 source → 1 sink

Sources — untrusted input

.request_uri()Reconstructs the request URL

→

taint

Sinks — dangerous call

.make_server()Creates a development WSGI server

Sources

— user-controlled input enters here

.request_uri()Source

Signature

wsgiref.util.request_uri(environ, include_query=True) -> str

Reconstructs the request URL. Source when environ reflects real traffic.

tracks:return

Sinks

— dangerous functions taint must not reach

.make_server()Sink

Signature

wsgiref.simple_server.make_server(host, port, app, ...) -> WSGIServer

Creates a development WSGI server. Finding on production use.

Fully-Qualified Names

FQN	Field
wsgiref	fqns[0]

Wrong FQN → 0 findings. Verify with: change fqns to garbage → must produce 0 results.

Import

rule.py

from codepathfinder.go_rule import PyWsgiref

← PreviousPyWerkzeug

Next →PyWtforms