From 52d04f7b9aac8228d517a592475e07add48ffc13 Mon Sep 17 00:00:00 2001
From: Wulan Ramadhani <hernandez0287407@gmail.com>
Date: Mon, 25 May 2026 09:23:33 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20Security=20fix:=20docs=5Fsrc/app?=
 =?UTF-8?q?=5Ftesting/app=5Fb=5Fpy310/main.py?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

修复方案将硬编码的密码 'coneofsilence' 替换为从环境变量 FAKE_SECRET_TOKEN 获取的值。如果环境变量未设置，程序将抛出运行时错误。这样避免了将敏感信息直接写入代码中，提高了安全性。
---
 docs_src/app_testing/app_b_py310/main.py | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff --git a/docs_src/app_testing/app_b_py310/main.py b/docs_src/app_testing/app_b_py310/main.py
index 83f6fa142a..e3eee35149 100644
--- a/docs_src/app_testing/app_b_py310/main.py
+++ b/docs_src/app_testing/app_b_py310/main.py
@@ -1,3 +1,23 @@
+import os
+from fastapi import FastAPI, Header, HTTPException
+from pydantic import BaseModel
+
+fake_secret_token = os.getenv("FAKE_SECRET_TOKEN")
+if not fake_secret_token:
+    raise RuntimeError("Environment variable FAKE_SECRET_TOKEN is not set.")
+
+fake_db = {
+    "foo": {"id": "foo", "title": "Foo", "description": "There goes my hero"},
+    "bar": {"id": "bar", "title": "Bar", "description": "The bartenders"},
+}
+
+app = FastAPI()
+
+class Item(BaseModel):
+    id: str
+    title: str
+    description: str
+
 from fastapi import FastAPI, Header, HTTPException
 from pydantic import BaseModel