Skip to content

Commit

Permalink
Fix Requests Without Timeout
Browse files Browse the repository at this point in the history 
This patch fixes requests without timeout. The requests library has no
default timeout. This can cause the code to hang indefinitely. This is
not what we want.

See https://bandit.readthedocs.io/en/1.7.5/plugins/b113_request_without_timeout.html
  • Loading branch information
@lkiesow
lkiesow committed Sep 27, 2023
1 parent 590c578 commit 78208c9
Showing 1 changed file with 9 additions and 4 deletions.
13 changes: 9 additions & 4 deletions proteuscmd/api.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,21 +32,24 @@ def __url(self, path):
def __post(self, path, params):
response = requests.post(self.__url(path),
params=params,
headers=self.__auth_header)
headers=self.__auth_header,
timeout=30)
if response.status_code >= 300:
raise Exception(f'Error from requesting {path}: {response.text}')
return response.json()

def __get(self, path, params):
response = requests.get(self.__url(path),
params=params,
headers=self.__auth_header)
headers=self.__auth_header,
timeout=30)
return response.json()

def __delete(self, path, params):
return requests.delete(self.__url('delete'),
params=params,
headers=self.__auth_header)
headers=self.__auth_header,
timeout=30)

def __parse_domain(self, domain):
for src, to in self.__replacements.items():
Expand All @@ -69,7 +72,9 @@ def login(self):
'''Logging in at Proteus.
'''
payload = {'username': self.__user, 'password': self.__password}
result = requests.get(self.__url('login'), params=payload).json()
result = requests.get(self.__url('login'),
params=payload,
timeout=30).json()
token = result.split()[2] + ' ' + result.split()[3]
self.__auth_header = {
'Authorization': token,
Expand Down

0 comments on commit 78208c9

Please sign in to comment.