apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-06 19:35:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
nyx/tests/fixtures/xxe/python/safe_xxe.py
Eli Peter 7d0e7320e2
new capacity bits (#67)
2026-05-07 01:29:31 -04:00

9 lines
319 B
Python
Raw Permalink Blame History

# Safe: tainted XML routed through defusedxml, which strips external-entity
# resolution. Treated as a Sanitizer(XXE), so taint-xxe stays clean.
import defusedxml.ElementTree
from flask import request
def handle():
body = request.args.get("xml")
tree = defusedxml.ElementTree.fromstring(body)
return tree
Reference in a new issue View git blame Copy permalink