python.flask.correctness.same-handler-name.flask-duplicate-handler-name

profile photo of semgrepsemgrep
Author
7,380
Download Count*
LGPL Commons Clause
License

Looks like $R is a flask function handler that registered to two different routes. This will cause a runtime error

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: flask-duplicate-handler-name
    pattern: |
      @app.route("...", ...)
      def $R(...):
          ...
      ...
      @app.route("...", ...)
      def $R(...):
          ...
    message: Looks like `$R` is a flask function handler that registered to two
      different routes. This will cause a runtime error
    languages:
      - python
    severity: WARNING
    metadata:
      category: correctness
      technology:
        - flask
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]

Examples

same-handler-name.py

from flask import Flask

app = Flask(__name__)

# ruleid: flask-duplicate-handler-name
@app.route('/hello')
def hello():
    return 'hello'

@app.route('/hi', methods=["POST"])
def hello():
  return 'hi'

# ok: flask-duplicate-handler-name
@app.route('/howdy/:name')
def howdy(name):
  return f"""howdy {name}"""