Commit

Update api/src/data_inclusion/api/app.py
Co-authored-by: vmttn <[email protected]>
vperron and vmttn authored Aug 12, 2024
1 parent 8449a36 commit 8ecd637
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions api/src/data_inclusion/api/app.py
Expand Up @@ -46,11 +46,9 @@ def create_app() -> fastapi.FastAPI:
environment=settings.ENV,
)

jinja_env = jinja2.Environment()
description = jinja_env.from_string(API_DESCRIPTION_PATH.read_text()).render(
base_url=settings.BASE_URL,
description = jinja2.Template(API_DESCRIPTION_PATH.read_text()).render(

Check warning

Code scanning / CodeQL

Jinja2 templating with autoescape=False Medium

Using jinja2 templates with autoescape=False can potentially allow XSS attacks.
settings.BASE_URL
)

app = fastapi.FastAPI(
title="data·inclusion API",
openapi_url="/api/openapi.json",
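
Review bot: the added `.render(` call passes `settings.BASE_URL` as a positional argument, where the removed lines passed `base_url=settings.BASE_URL`. `jinja2.Template.render` takes the same arguments as `dict()`, so a bare string here raises instead of binding the `base_url` variable for the template; keep the keyword form, `.render(base_url=settings.BASE_URL)`. Separately, the CodeQL alert attached to the `jinja2.Template(...)` line is not resolved by this change: a directly constructed `Template` renders with autoescape off, just as the removed `jinja2.Environment()` did. Either pass `autoescape=True` to the constructor, or leave a short comment stating that the only interpolated value comes from settings and the template is a repository file, so the alert can be dismissed with a recorded reason.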