search

AppThreat / atom

Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
https://appthreat.com
Apache License 2.0
52 stars 2 forks source link

Incorrect METHOD being inferred for APIs in Django application #142

Open sohitgore opened 6 months ago

sohitgore commented 6 months ago

Describe the bug

The openAPI spec generation for a Django app, assigns incorrect METHOD to some endpoints

How to reproduce

Generate the spec for any Django application eg. https://github.com/smahesh29/Django-WebApp

        "/users/login.html": {
            "get": {
                "responses": {}
            },
            "post": {
                "responses": {}
            },
            "x-atom-usages": {
                "call": {
                    "django_web_app/django_web_app/urls.py": [
                        25
                    ]
                }
            }
        },
        "/users/logout.html": {
            "get": {
                "responses": {}
            },
            "post": {
                "responses": {}
            },
            "x-atom-usages": {
                "call": {
                    "django_web_app/django_web_app/urls.py": [
                        28
                    ]
                }
            }
        }

The spec contains endpoints with both GET and POST which looks incorrect