Avoid hardcoded use of config variables in Flask

Properly secure Flask routes when using JWT

Follow best practices for cookie security

Ensure use of proper args when handling files

Alerts if using a Jinja template that is not automatically escaped by Flask

Avoid unwanted complexity when building large Flask apps

Use jsonify instead of json.dumps

Avoid using NULL on string-based fields such as CharField and TextField.

Open URL redirect vulnerabilities may lead to phishing or XSS

For string fields, null=True must also be set to avoid unique constraint violations

Use DecimalField instead of FloatField for currency

Use JsonResponse instead of json.dumps

A count() call is more efficient

Avoid using raw SQL queries in Django

Prevent XSS by detecting when a variable is used in an anchor tag

Ensure links opened in new tabs follow security best practices

Ensure links opened in new tabs follow security best practices

Detect missing CSRF protection in HTML forms used in Jinja templates

Prevent browsers from switching into quirks mode by ensuring HTML doctype declaration

Ensure correct character encoding interpretation to help prevent XSS attacks

Ensure proper content-type declaration to help prevent XSS attacks

Ensure attribute values are quoted when using Jinja template variables

Detects when the auth parameter is used over http, potentially exposing credentials

Finds URLs passed to Requests that don’t have a URL scheme

Finds Requests methods without a timeout

Detect hardcoded AWS access tokens used in Boto 3

Detects non-literal URLs in `click.launch()`, which could direct a browser to a malicious site

Ensures parameters match in @click.option and the function definition