Python / Django "url" Cache Deception

cache_deception.py


from django.conf.urls import url
from django.urls import path
from .views import HomePageView, PostDetailView, AddPostView

# Application namespace used when reversing these route names.
app_name = 'feed'

# Fixture routes for the web-cache-deception rule shown further down the page.
# url() takes a regular expression. A pattern with no trailing '$' is anchored
# only at the start, so it also serves longer paths that merely begin with the
# prefix (for example, a suffix that looks like a static asset). If a cache in
# front of the app decides cacheability from the path, a per-user page can be
# stored and later served to other clients.
urlpatterns = [
    # Not end-anchored: the four routes the rule is meant to report.
    url(r'^inbox/', HomePageView.as_view(), name="index"),
    url(r'^inbox', HomePageView.as_view(), name="index"),
    url(r'^test', HomePageView.as_view(), name="index"),
    url(r'^test/', HomePageView.as_view(), name="index"),
    # End-anchored with '$': the safe form, expected to produce no finding.
    url(r'^inbox/$', HomePageView.as_view(), name="index"),
    # path() routes are not regex prefixes and the rule only targets url(),
    # so these two are negative cases.
    # NOTE(review): 'detail//' looks like a route parameter was lost when the
    # page was extracted -- confirm against the original file.
    path('detail//', PostDetailView.as_view(), name='detail'),
    path('post/', AddPostView.as_view(), name='post'),
]



cache_deception_rule.yaml


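rules:
  # Audit rule: reports django.conf.urls.url() routes whose regex starts with
  # '^' but is not closed with '$'. Such a route also answers for longer paths
  # sharing the prefix, which is the precondition for web cache deception when
  # a cache in front of the app keys or classifies responses by URL path.
  # django.urls.re_path() takes the same kind of regex and is NOT covered here.
  - id: django_route_decorator_detection
    patterns:
      - pattern-either:
        - pattern: url($X, ..., ...)
      # Restrict matches to files where url is the django.conf.urls import.
      - pattern-inside: |
          from django.conf.urls import url
          ...
      - metavariable-pattern:
          metavariable: $X
          patterns:
            # '^', word characters, an optional '/', then a character that is
            # not '$'. NOTE(review): the regex itself begins with a literal r'
            # and ends with a literal ', so it presumably relies on being
            # matched against the literal's source text; double-quoted or
            # non-raw route strings, and routes with groups or other non-word
            # characters, would then go unreported -- confirm with the fixture.
            - pattern-regex: r'\^[\w]+\/?[^\$]'
            # Drop any route text that contains '+'.
            - pattern-regex: ^(?!.*\+).*
    # The message interpolates $X, the metavariable bound to the route regex.
    message: >-
      Django url() route $X is not end-anchored with '$', so it also matches
      longer paths that start with this prefix. Behind a cache that keys on the
      URL path this can enable web cache deception; end-anchor the regex or use
      django.urls.path().
    severity: INFO
    languages: [python]
    # metadata is a per-rule field; nested here so findings carry the CWE and
    # triage fields instead of leaving them in a detached top-level key.
    metadata:
      category: security
      cwe: "CWE-525: Use of Web Browser Cache Containing Sensitive Information"
      subcategory: [audit]
      confidence: HIGH
      impact: HIGH
      technology: [python, django]
      description: "`Django Path` Possible Web Cache Deception"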