From 314c42393d2a6008aa7c0e953b5d2a7162e3bd75 Mon Sep 17 00:00:00 2001
From: Egon Okerman
Date: Mon, 6 Nov 2023 16:48:31 +0100
Subject: [PATCH] Revert "Modify rule S5144: Add HTTPX support (APPSEC-1247) (#3365)"

This reverts commit 75e4b4815d48553b25bf78515bd7ecafacfd181f.

---
 .../header_names/allowed_framework_names.adoc | 1 -
 rules/S5144/python/how-to-fix-it/httpx.adoc | 52 -------------------
 rules/S5144/python/rule.adoc | 2 -
 3 files changed, 55 deletions(-)
 delete mode 100644 rules/S5144/python/how-to-fix-it/httpx.adoc

diff --git a/docs/header_names/allowed_framework_names.adoc b/docs/header_names/allowed_framework_names.adoc
index 863af14672f..308236c363e 100644
--- a/docs/header_names/allowed_framework_names.adoc
+++ b/docs/header_names/allowed_framework_names.adoc
@@ -88,7 +88,6 @@
 * Python Standard Library
 * PyYAML
 * Requests
-* HTTPX
 * SQLAlchemy
 * Amazon DynamoDB
 * python-ldap
diff --git a/rules/S5144/python/how-to-fix-it/httpx.adoc b/rules/S5144/python/how-to-fix-it/httpx.adoc
deleted file mode 100644
index 504013899d8..00000000000
--- a/rules/S5144/python/how-to-fix-it/httpx.adoc
+++ /dev/null
@@ -1,52 +0,0 @@
-== How to fix it in HTTPX
-
-=== Code examples
-
-include::../../common/fix/code-rationale.adoc[]
-
-==== Noncompliant code example
-
-[source,python,diff-id=21,diff-type=noncompliant]
-----
-from fastapi import FastAPI
-import httpx
-
-app = FastAPI()
-
-@app.get('/example')
-def example(url: str):
- r = httpx.get(url) # Noncompliant
- return {"response": r.text}
-----
-
-==== Compliant solution
-
-[source,python,diff-id=21,diff-type=compliant]
-----
-from fastapi import FastAPI
-from fastapi.responses import JSONResponse
-import httpx
-from urllib.parse import urlparse
-
-DOMAINS_ALLOWLIST = ['trusted1.example.com', 'trusted2.example.com']
-app = FastAPI()
-
-@app.get('/example')
-def example(url: str):
- if not urlparse(url).hostname in DOMAINS_ALLOWLIST:
- return JSONResponse({"error": f"URL {url} is not whitelisted."}, 400)
-
- r = httpx.get(url)
- return {"response": r.text}
-----
-
-=== How does this work?
-
-include::../../common/fix/pre-approved-list.adoc[]
-
-The compliant code example uses such an approach.
-HTTPX implicitly validates the scheme as it only allows `http` and `https` by default.
-
-=== Pitfalls
-
-include::../../common/pitfalls/starts-with.adoc[]
diff --git a/rules/S5144/python/rule.adoc b/rules/S5144/python/rule.adoc
index ac2e10c6ffd..b0129617739 100644
--- a/rules/S5144/python/rule.adoc
+++ b/rules/S5144/python/rule.adoc
@@ -10,8 +10,6 @@ include::how-to-fix-it/python.adoc[]
 include::how-to-fix-it/requests.adoc[]
-include::how-to-fix-it/httpx.adoc[]
-
 include::how-to-fix-it/aiohttp.adoc[]