Security Policy
Reporting a Vulnerability
Send an email or submit a GitHub issue if you see a vulnerability that SHOULD be addressed.
Security Information
I advocate for better and simple security, so this tool is reviewed to identify potential vulnerabilities.
Result of scan with Bandit:
blacklist: Audit url open for permitted schemes. Allowing use of file:/ or custom schemes is often unexpected.
Test ID: B310
Severity: MEDIUM
Confidence: HIGH
For details on B310, see this page in the Bandit manual.
Checking the status of a URL requires using a construct like:
request = Request(url, headers=nocxheaders)
with urlopen(request, timeout=nocxtimeout) as response:
    return url, response.status
Mitigating factors, for your own judgement:
Content of URLs is not processed.
Only the DNS or HTTP status of a URL is verified.
Use of external libraries, like requests or aiohttp, is deliberately avoided.
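One way to address what B310 audits is to check the URL scheme against an allowlist before the urlopen construct above runs. This is an added example, not the tool's own code: check_status, ALLOWED_SCHEMES, demo, the loopback server and the values given to nocxheaders and nocxtimeout are assumptions made for illustration.

```python
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urlsplit
from urllib.request import Request, urlopen

# Constructed stand-ins for the page's nocxheaders / nocxtimeout settings.
nocxheaders = {"User-Agent": "status-check-example"}
nocxtimeout = 2
ALLOWED_SCHEMES = {"http", "https"}  # assumption: only web URLs are checked


def check_status(url):
    """Return (url, HTTP status); refuse any scheme outside the allowlist."""
    scheme = urlsplit(url).scheme  # urlsplit lowercases the scheme
    if scheme not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme {scheme!r} not permitted: {url}")
    request = Request(url, headers=nocxheaders)
    with urlopen(request, timeout=nocxtimeout) as response:  # nosec B310
        return url, response.status


class _OkHandler(BaseHTTPRequestHandler):  # constructed loopback test server
    def do_GET(self):
        self.send_response(204)
        self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


def demo():  # one allowed loopback URL, then two URLs that must be refused
    server = HTTPServer(("127.0.0.1", 0), _OkHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    results = {}
    try:
        url = f"http://127.0.0.1:{server.server_port}/"
        results["http"] = check_status(url)[1]
        for bad in ("file:///etc/hostname", "custom://example.invalid/x"):
            try:
                results[bad] = check_status(bad)[1]
            except ValueError:
                results[bad] = "rejected"
    finally:
        server.shutdown()
        server.server_close()
    return results


if __name__ == "__main__":
    print(demo())
```

The `# nosec B310` marker is only appropriate once the scheme check sits directly in front of the call, since it silences the finding for that line.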