research-school-2024/examples/insecure-data.py

#!/usr/bin/env python3
# -*- coding: utf-8 -*-
"""Insecure data handling"""

from flask import Flask, request

app: Flask = Flask(__name__)


@app.route("/", methods=["GET"])
def index():
    alloc = [42] * 10  # Imagine data allocation
    return str(alloc[int(request.args["idx"])])


if __name__ == "__main__":
    app.run(debug=True)