Waiting for validation
Quelle condition complète correctement la vérification pour empêcher une attaque SSRF (Server-Side Request Forgery) ?
import requests
from urllib.parse import urlparse
ALLOWED_DOMAINS = {'api.service.com', 'internal.data.local'}
def fetch_resource(user_url):
parsed = urlparse(user_url)
if ______________:
return requests.get(user_url).text
raise ValueError("Domaine non autorisé")
Author: WeLoveDevsStatus: Waiting for validationQuestion not yet passed
0
Community EvaluationsNo one has reviewed this question yet, be the first!