mcp-server-semgrep/semgrep-rules/python/flask/correctness/access-request-in-wrong-handler.yaml

MCP Server for Semgrep Integration - static code analysis with AI

rules:
  - id: avoid-accessing-request-in-wrong-handler
    patterns:
      - pattern-inside: |
          @app.route(..., method="GET")
          def $X(...):
            ...
      - pattern-either:
          - pattern: |
              $Y = flask.request.json
          - pattern: |
              $Y = flask.request.form
          - pattern: |
              $Y = flask.request.data
    message: Accessing request object inside a route handle for HTTP GET command will throw due to missing request body.
    languages: [python]
    severity: WARNING
    metadata:
      category: correctness
      technology:
        - flask