Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Avoid raising S310 on safe f-strings #12245

Closed
dscorbett opened this issue Jul 8, 2024 · 1 comment · Fixed by #12305
Closed

Avoid raising S310 on safe f-strings #12245

dscorbett opened this issue Jul 8, 2024 · 1 comment · Fixed by #12305
Labels
help wanted Contributions especially welcome rule Implementing or modifying a lint rule

Comments

@dscorbett
Copy link

Given this input file (s310_fstring.py):

from urllib.request import urlopen
foo = "foo"
urlopen(f"https://www.example.com/{foo}")

Ruff reports a violation of rule S310.

$ ruff check --select S310 --output-format concise s310_fstring.py
s310_fstring.py:3:1: S310 Audit URL open for permitted schemes. Allowing use of `file:` or custom schemes is often unexpected.
Found 1 error.

Even though the argument is an f-string, Ruff should be able to detect that it begins with a permitted scheme. Compare #8040.
@dhruvmanila
Copy link
Member

Yeah, I think this makes sense. We can check for the first f-string literal part and verify if it begins with http or https similar to string literal.
@dhruvmanila dhruvmanila added rule Implementing or modifying a lint rule help wanted Contributions especially welcome labels Jul 9, 2024
This was referenced Jul 12, 2024
Closed
Merged
charliermarsh pushed a commit that referenced this issue Jul 13, 2024
@zzztimbo
[flake8-bandit] Avoid S310 violations for HTTP-safe f-strings (#1…
1a3ee45 
…2305)

this resolves #12245
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
help wanted Contributions especially welcome rule Implementing or modifying a lint rule
2 participants
@dscorbett @dhruvmanila