From 1a704d76f7cbbf6a5b807c4ede34ed9bfd720c6d Mon Sep 17 00:00:00 2001
From: Shayne Officer <shayneofficer@gmail.com>
Date: Thu, 7 Oct 2021 11:22:43 -0500
Subject: [PATCH] switched dangerous default arguments

---
 hasjob/views/helper.py  | 4 +++-
 hasjob/views/index.py   | 8 ++++++--
 hasjob/views/listing.py | 4 +++-
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/hasjob/views/helper.py b/hasjob/views/helper.py
index bbce8f2b..9771da75 100644
--- a/hasjob/views/helper.py
+++ b/hasjob/views/helper.py
@@ -919,7 +919,7 @@ def usessl(url):
     return url
 
 
-def filter_basequery(basequery, filters, exclude_list=[]):
+def filter_basequery(basequery, filters, exclude_list=None):
     """
     - Accepts a query of type sqlalchemy.Query, and returns a modified query
     based on the keys in the `filters` object.
@@ -927,6 +927,8 @@ def filter_basequery(basequery, filters, exclude_list=[]):
     `pay_min`, `pay_max`, `currency`, `equity` and `query`.
     - exclude_list is an array of keys that need to be ignored in the `filters` object
     """
+    if exclude_list is None:
+        exclude_list = []
     filter_by_location = filters.get('locations') and 'locations' not in exclude_list
     filter_by_anywhere = filters.get('anywhere') and 'anywhere' not in exclude_list
     if filter_by_location:
diff --git a/hasjob/views/index.py b/hasjob/views/index.py
index cf028103..0674b631 100644
--- a/hasjob/views/index.py
+++ b/hasjob/views/index.py
@@ -559,7 +559,7 @@ def fetch_cached_jobposts(
 )
 def index(
     basequery=None,
-    filters={},
+    filters=None,
     md5sum=None,
     tag=None,
     domain=None,
@@ -572,8 +572,12 @@ def index(
     cached=False,
     query_string=None,
     filterset=None,
-    template_vars={},
+    template_vars=None,
 ):
+    if filters is None:
+        filters = {}
+    if template_vars is None:
+        template_vars = {}
     now = utcnow()
     is_siteadmin = lastuser.has_permission('siteadmin')
     board = g.board
diff --git a/hasjob/views/listing.py b/hasjob/views/listing.py
index 3f247eb4..319ef682 100644
--- a/hasjob/views/listing.py
+++ b/hasjob/views/listing.py
@@ -806,7 +806,9 @@ def pinnedjob(domain, hashid):
 @app.route('/reject/<hashid>', defaults={'domain': None}, methods=('GET', 'POST'))
 @lastuser.requires_permission('siteadmin')
 def rejectjob(domain, hashid):
-    def send_reject_mail(reject_type, post, banned_posts=[]):
+    def send_reject_mail(reject_type, post, banned_posts=None):
+        if banned_posts is None:
+            banned_posts = []
         if reject_type not in ['reject', 'ban']:
             return
         mail_meta = {