Usage of an API that is not recommended High

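APIs that are not recommended were found. This could indicate a deeper problem in the code. In the examples below, the not-recommended API is the standard-library `xml.sax` parser, which is not hardened against maliciously constructed XML; the compliant version parses the same input through `defusedxml.sax` instead.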

Detector ID
python/not-recommended-apis@v1.0
Category
Common Weakness Enumeration (CWE)
-

Noncompliant example

1import xml.sax
2
3
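class ContentHandler(xml.sax.ContentHandler):
    """SAX handler that prints each parse event it receives.

    The parser dispatches on the camelCase callback names declared by
    ``xml.sax.ContentHandler`` (``startElement``, ``endElement``,
    ``characters``). The snake_case methods are kept for existing callers
    and aliased to the SAX names so that element events are printed too.
    """

    def __init__(self):
        super().__init__()

    def start_element(self, name, attributes):
        """Print the name of an element that has just been opened."""
        print('start:', name)

    def end_element(self, name):
        """Print the name of an element that has just been closed."""
        print('end:', name)

    def characters(self, characters):
        """Print a chunk of character data.

        The parser may deliver one text node as several chunks.
        """
        print('characters:', characters)

    # Without these aliases the inherited no-op callbacks run and the
    # element events are silently dropped; only characters() would fire.
    startElement = start_element
    endElement = end_element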
16
17
def recommended_apis_noncompliant():
    """Parse a fixed XML snippet with the standard-library SAX parser.

    This is the detector's noncompliant sample and is left noncompliant
    on purpose.
    """
    handler = ContentHandler()
    document = "<body>XML_STRING</body>"

    # Noncompliant: uses xml.sax which is an unrecommended API.
    # The standard-library parser is not hardened against maliciously
    # constructed XML (for example entity-expansion denial of service);
    # how exposed it is depends on the Python and Expat versions in use.
    xml.sax.parseString(document, handler)
23
24
# Run the noncompliant demonstration only when this file is executed as a
# script, not when it is imported.
if __name__ == "__main__":
    recommended_apis_noncompliant()

Compliant example

1import xml
2import defusedxml.sax
3
4
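class ContentHandler(xml.sax.ContentHandler):
    """SAX handler that prints each parse event it receives.

    The parser dispatches on the camelCase callback names declared by
    ``xml.sax.ContentHandler`` (``startElement``, ``endElement``,
    ``characters``). The snake_case methods are kept for existing callers
    and aliased to the SAX names so that element events are printed too.
    """

    # NOTE(review): this listing imports only `xml`; `xml.sax` presumably
    # resolves because importing `defusedxml.sax` loads it as a side effect.
    # An explicit `import xml.sax` would not depend on that.

    def __init__(self):
        super().__init__()

    def start_element(self, name, attributes):
        """Print the name of an element that has just been opened."""
        print('start:', name)

    def end_element(self, name):
        """Print the name of an element that has just been closed."""
        print('end:', name)

    def characters(self, characters):
        """Print a chunk of character data.

        The parser may deliver one text node as several chunks.
        """
        print('characters:', characters)

    # Without these aliases the inherited no-op callbacks run and the
    # element events are silently dropped; only characters() would fire.
    startElement = start_element
    endElement = end_element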
17
18
def not_recommended_apis_compliant():
    """Parse a fixed XML snippet through defusedxml's SAX wrapper."""
    handler = ContentHandler()
    document = "<body>XML_STRING</body>"

    # Compliant: avoids using unrecommended APIs.
    # defusedxml.sax.parseString keeps the xml.sax calling convention but
    # rejects entity declarations and external references by default,
    # raising a defusedxml exception instead of expanding them. Code that
    # handles untrusted documents should treat that exception as rejected
    # input; passing forbid_dtd=True additionally refuses any DTD.
    defusedxml.sax.parseString(document, handler)
24
25
# Run the compliant demonstration only when this file is executed as a
# script, not when it is imported.
if __name__ == "__main__":
    not_recommended_apis_compliant()