bito-code-review[bot] commented on code in PR #40658:
URL: https://github.com/apache/superset/pull/40658#discussion_r3338845284
##########
superset/charts/data/api.py:
##########
@@ -617,6 +617,7 @@ def _extract_export_params_from_request(self) -> tuple[str
| None, int | None]:
"""Extract filename and expected_rows from request for streaming
exports."""
filename = request.form.get("filename")
if filename:
+ filename = secure_filename(filename) or None
Review Comment:
<div>
<div id="suggestion">
<div id="issue"><b>CWE-73: Filename Sanitization Correct</b></div>
<div id="fix">
The `secure_filename()` addition correctly sanitizes untrusted `filename`
input, preventing path traversal and special-character injection. The `or None`
fallback handles the documented edge case where `secure_filename()` returns an
empty string for dangerous-only input (e.g., `../../etc/passwd`). When `None`,
line 720 falls back to a server-generated filename, which is the correct secure
behavior. (See also: [CWE-73](https://cwe.mitre.org/data/definitions/73.html))
</div>
</div>
<small><i>Code Review Run #d9035e</i></small>
</div>
---
Should Bito avoid suggestions like this for future reviews? (<a
href=https://alpha.bito.ai/home/ai-agents/review-rules>Manage Rules</a>)
- [ ] Yes, avoid them
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
