Replace http with https URLs (PyCQA#680)

* Update any reference to a http URL to https for security sake * Update any invalid links also * Remove links not applicable Signed-off-by: Eric Brown <browne@vmware.com>
mikespallino · Jan 7, 2022 · c731150 · c731150
1 parent d184ffd
commit c731150
Show file tree

Hide file tree

Showing 7 changed files with 17 additions and 22 deletions.
diff --git a/bandit/plugins/app_debug.py b/bandit/plugins/app_debug.py
@@ -31,9 +31,9 @@
 
 .. seealso::
 
- .. [1] http://flask.pocoo.org/docs/1.0/quickstart/#debug-mode
- .. [2] http://werkzeug.palletsprojects.com/en/0.15.x/debug/
- .. [3] http://labs.detectify.com/post/130332638391/how-patreon-got-hacked-publicly-exposed-werkzeug
+ .. [1] https://flask.palletsprojects.com/en/1.1.x/quickstart/#debug-mode
+ .. [2] https://werkzeug.palletsprojects.com/en/1.0.x/debug/
+ .. [3] https://labs.detectify.com/2015/10/02/how-patreon-got-hacked-publicly-exposed-werkzeug-debugger/
 
 .. versionadded:: 0.15.0
 

diff --git a/bandit/plugins/injection_wildcard.py b/bandit/plugins/injection_wildcard.py
@@ -90,7 +90,7 @@
 
  - https://security.openstack.org
  - https://en.wikipedia.org/wiki/Wildcard_character
- - http://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
+ - https://www.defensecode.com/public/DefenseCode_Unix_WildCards_Gone_Wild.txt
 
 .. versionadded:: 0.9.0
 

diff --git a/bandit/plugins/insecure_ssl_tls.py b/bandit/plugins/insecure_ssl_tls.py
@@ -93,9 +93,8 @@ def ssl_with_bad_version(context, config):
 
      - :func:`ssl_with_bad_defaults`
      - :func:`ssl_with_no_version`
-     - http://heartbleed.com/
-     - https://poodlebleed.com/
-     - https://security.openstack.org/
+     - https://heartbleed.com/
+     - https://en.wikipedia.org/wiki/POODLE
      - https://security.openstack.org/guidelines/dg_move-data-securely.html
 
     .. versionadded:: 0.9.0
@@ -172,9 +171,8 @@ def ssl_with_bad_defaults(context, config):
 
      - :func:`ssl_with_bad_version`
      - :func:`ssl_with_no_version`
-     - http://heartbleed.com/
-     - https://poodlebleed.com/
-     - https://security.openstack.org/
+     - https://heartbleed.com/
+     - https://en.wikipedia.org/wiki/POODLE
      - https://security.openstack.org/guidelines/dg_move-data-securely.html
 
     .. versionadded:: 0.9.0
@@ -230,9 +228,8 @@ def ssl_with_no_version(context):
 
      - :func:`ssl_with_bad_version`
      - :func:`ssl_with_bad_defaults`
-     - http://heartbleed.com/
-     - https://poodlebleed.com/
-     - https://security.openstack.org/
+     - https://heartbleed.com/
+     - https://en.wikipedia.org/wiki/POODLE
      - https://security.openstack.org/guidelines/dg_move-data-securely.html
 
     .. versionadded:: 0.9.0

diff --git a/bandit/plugins/jinja2_templates.py b/bandit/plugins/jinja2_templates.py
@@ -52,9 +52,8 @@
 .. seealso::
 
  - `OWASP XSS <https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)>`_
- - https://realpython.com/blog/python/primer-on-jinja-templating/
- - http://jinja.pocoo.org/docs/dev/api/#autoescaping
- - https://security.openstack.org
+ - https://realpython.com/primer-on-jinja-templating/
+ - https://jinja.palletsprojects.com/en/2.11.x/api/#autoescaping
  - https://security.openstack.org/guidelines/dg_cross-site-scripting-xss.html
 
 .. versionadded:: 0.10.0

diff --git a/bandit/plugins/mako_templates.py b/bandit/plugins/mako_templates.py
@@ -32,9 +32,8 @@
 
 .. seealso::
 
- - http://www.makotemplates.org/
- - `OWASP XSS <https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)>`_
- - https://security.openstack.org
+ - https://www.makotemplates.org/
+ - `OWASP XSS <https://owasp.org/www-community/attacks/xss/>`_
  - https://security.openstack.org/guidelines/dg_cross-site-scripting-xss.html
 
 .. versionadded:: 0.10.0

diff --git a/bandit/plugins/weak_cryptographic_key.py b/bandit/plugins/weak_cryptographic_key.py
@@ -29,7 +29,7 @@
 
 .. seealso::
 
- - http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf
+ - https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
  - https://security.openstack.org/guidelines/dg_strong-crypto.html
 
 .. versionadded:: 0.14.0

diff --git a/bandit/plugins/yaml_load.py b/bandit/plugins/yaml_load.py
@@ -16,7 +16,7 @@
 ability to simple Python objects like integers or lists.
 
 Please see
-http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more information
+https://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML for more information
 on ``yaml.load`` and yaml.safe_load
 
 :Example:
@@ -32,7 +32,7 @@
 
 .. seealso::
 
- - http://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML
+ - https://pyyaml.org/wiki/PyYAMLDocumentation#LoadingYAML
 
 .. versionadded:: 1.0.0