You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.rst
+9-3Lines changed: 9 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -63,11 +63,17 @@ Soon you will find a `README.rst`_ in every directory in the ``pyt/`` folder, `s
63
63
How to Use
64
64
============
65
65
66
-
1. Choose a web framework: `The -a option determines which functions will have their arguments tainted`_, by default it is Flask.
66
+
1. Choose a web framework
67
67
68
-
2. (optional) Customize source and sink information: Use the ``-t`` option to specify sources and sinks, by default `this file is used`_.
68
+
`The -a option determines which functions will have their arguments tainted`_, by default it is Flask.
69
69
70
-
3. (optional) Customize which library functions propagate taint: For functions that are imported from libraries, e.g. ``url_for`` or ``os.path.join``, use the ``-m`` option to specify whether or not they return tainted values given tainted inputs, by `default this file is used`_.
70
+
2. (optional) Customize source and sink information
71
+
72
+
Use the ``-t`` option to specify sources and sinks, by default `this file is used`_.
73
+
74
+
3. (optional) Customize which library functions propagate taint
75
+
76
+
For functions from builtins or libraries, e.g. ``url_for`` or ``os.path.join``, use the ``-m`` option to specify whether or not they return tainted values given tainted inputs, by `default this file is used`_.
71
77
72
78
.. _The -a option determines which functions will have their arguments tainted: https://github.com/python-security/pyt/tree/master/pyt/web_frameworks#web-frameworks
73
79
.. _this file is used: https://github.com/python-security/pyt/blob/master/pyt/vulnerability_definitions/all_trigger_words.pyt
0 commit comments