kunthawat/ALwrity
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix code scanning alert no. 12: Full server-side request forgery

Browse Source 
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
This commit is contained in:
ي
2025-01-05 15:58:02 +05:30
parent b10e1af1b5
commit b41320ef10
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/ai_seo_tools/wordcloud.py
View File

@@ -19,6 +19,8 @@ language_input = st.selectbox("What language is your content?", ('English', 'Ita
num_results_input = st.slider("How many top words/phrases should we show?", min_value=10, max_value=150, value=50) num_results_input = st.slider("How many top words/phrases should we show?", min_value=10, max_value=150, value=50)
st.write(" ") st.write(" ")
authorized_domains = ["example.com", "another-example.com"]
if st.button("Analyze Your Content!"): if st.button("Analyze Your Content!"):
with st.spinner('Analyzing your content...'): with st.spinner('Analyzing your content...'):
url = url_input.strip() url = url_input.strip()
@@ -29,6 +31,12 @@ if st.button("Analyze Your Content!"):
st.error("Oops! Looks like you forgot 'http://' or 'https://' at the beginning of your URL. Please add it and try again! 😊") st.error("Oops! Looks like you forgot 'http://' or 'https://' at the beginning of your URL. Please add it and try again! 😊")
st.stop() st.stop()
from urllib.parse import urlparse
parsed_url = urlparse(url)
if parsed_url.netloc not in authorized_domains:
st.error("The domain of the provided URL is not authorized. Please use an authorized domain.")
st.stop()
try: try:
response = requests.get(url) response = requests.get(url)
response.raise_for_status() # Check for errors response.raise_for_status() # Check for errors