Julien Delange • Wednesday, October 19, 2022
Python Jinja2: always autoescape to avoid XSS attacks
Not using autoescape in jinja2 makes your vulnerable to XSS attacks. Always use autoescape=True in your Jinja2 environment
Read more • 4 min. read
← All posts
Posts with "code analysis"
Julien Delange • Tuesday, October 18, 2022
Unsafe Deserialization in Python (CWE-502)
Unsafe deserialization can cause an attack and compromise your system. You need to check your Python code to make sure you avoid them.
Read more • 5 min. read
Julien Delange • Monday, October 17, 2022
SSL module in Python: stay secure!
The Python SSL module gives a false sense of security and must be used carefully.
Read more • 4 min. read
Julien Delange • Sunday, October 16, 2022
Secure Python Code: safe usage of the subprocess module
The subprocess Python module may introduce OS injection vulnerabilities, which is a serious security concern. Do not use shell=True or mitidate the issue by checking the function input.
Read more • 5 min. read
Julien Delange • Saturday, October 15, 2022
Safe and Secure Python Code: don’t use eval()
Using eval() in Python introduces security issues in your Python code. We present how to avoid and fix unsafe and insecure uses of eval()
Read more • 4 min. read
Julien Delange • Thursday, October 13, 2022
Python Best Practices: always use a timeout with the requests library
Not using a timeout with the requests library may have performance consequences for your program. Lean how to avoid them.
Read more • 4 min. read
Julien Delange • Monday, September 5, 2022
Rethinking Static Code Analysis
The Codiga Team is rethinking how static code analysis is done today and planning to deliver a new static code analyzer in the coming months.
Read more • 6 min. read
Julien Delange • Wednesday, August 17, 2022
What is Static Application Security Testing - SAST?
Static Application Security Testing (or SAST) tools find security vulnerabilities in your source code at different stages of the Software Development Lifecycle. We explain how SAST help you build secure and robust applications and when to use it.
Read more • 6 min. read
Schedule a demo
Code analyzed in seconds with Codiga Automated Code Reviews.
Write code faster with the Codiga Coding Assistant.
Let's talk!