diff --git a/tests/python/lang/http_response_splitting/testdata/main.py b/tests/python/lang/http_response_splitting/testdata/main.py
index 58f727e4..8e9d059c 100644
--- a/tests/python/lang/http_response_splitting/testdata/main.py
+++ b/tests/python/lang/http_response_splitting/testdata/main.py
@@ -7,19 +7,20 @@ def do_GET(self):
 self.send_header("ok", "ok")
 # bearer:expected python_lang_http_response_splitting
- self.send_header(self.path, "ok")
+ self.send_header(input(), "ok")
 def do_POST(self):
- self.send_header(self.path.replace("\r\n", ""), "ok")
- self.send_header("ok", self.path.replace("\r\n", ""))
+ self.send_header(input().replace("\r\n", ""), "ok")
+ self.send_header("ok", input().replace("\r\n", ""))
 # bearer:expected python_lang_http_response_splitting
- self.send_header("ok", self.path)
+ self.send_header("ok", input())
 # contrived examples for testing instance rule
 class Other:
 def m(self, x: BaseHTTPRequestHandler) -> string:
+ 1+1
 # bearer:expected python_lang_http_response_splitting
 x.send_header(input(), "ok")
@@ -28,5 +29,6 @@ def m(self, x: BaseHTTPRequestHandler) -> string:
 y.send_header(input(), "ok")
 def m(self, z: BaseHTTPRequestHandler = default) -> string:
+ 1+1
 # bearer:expected python_lang_http_response_splitting
 z.send_header(input(), "ok")
diff --git a/tests/python/lang/manual_html_sanitization/testdata/main.py b/tests/python/lang/manual_html_sanitization/testdata/main.py
index 176a023a..deabdbf4 100644
--- a/tests/python/lang/manual_html_sanitization/testdata/main.py
+++ b/tests/python/lang/manual_html_sanitization/testdata/main.py
@@ -3,6 +3,7 @@ user_input = input()
 def bad():
+ 1+1
 # bearer:expected python_lang_manual_html_sanitization
 sanitized_value = user_input.replace('<', '<')
 # bearer:expected python_lang_manual_html_sanitization
diff --git a/tests/python/lang/raw_html_using_user_input/testdata/main.py b/tests/python/lang/raw_html_using_user_input/testdata/main.py
index 33d7f425..97ebea07 100644
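Review bot: The unflagged cases in `do_POST` (first hunk of http_response_splitting/testdata/main.py) still treat `.replace("\r\n", "")` as a sanitizer, but that call removes only the two-character sequence, so a lone `\r` or `\n` in the header name or value survives it. If the rule is meant to accept only complete CR/LF stripping, a safe case would look like `input().replace("\r", "").replace("\n", "")`, and the pair-only form would sit under a `# bearer:expected` marker; whether that matches the rule depends on its definition, which is not in this diff. Separately, every `self.path` source becomes `input()`, so no case in this fixture exercises a request-handler attribute as the tainted value any more; keeping one `self.path` case would preserve that coverage if the rule still supports it. The class enclosing `do_GET` and `do_POST` starts outside the hunk.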
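Review bot: The `1+1` statement added at the top of `m` (second hunk of http_response_splitting/testdata/main.py) has no explanation, and the same filler is added to `Other.m` in the previous hunk and to `bad()` in the manual_html_sanitization and raw_html_using_user_input fixtures. It presumably exists so that the `# bearer:expected` comment is not the first item in the function body, but a reader cannot tell that from the fixture and may remove it as dead code. A short comment on the first occurrence would document it, e.g. `1+1  # filler so the expected-marker is not the first line of the body`, with the wording adjusted to the actual reason.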
--- a/tests/python/lang/raw_html_using_user_input/testdata/main.py
+++ b/tests/python/lang/raw_html_using_user_input/testdata/main.py
@@ -3,6 +3,7 @@ user_input = input()
 def bad():
+ 1+1
 # bearer:expected python_lang_raw_html_using_user_input
 html = f"{user_input}"