Skip to content

Commit

Permalink
[8.x] [Security Solution] Fix code scanning alert (#198142) (#198367)
Browse files Browse the repository at this point in the history
# Backport

This will backport the following commits from `main` to `8.x`:
- [[Security Solution] Fix code scanning alert
(#198142)](#198142)

<!--- Backport version: 9.4.3 -->

### Questions ?
Please refer to the [Backport tool
documentation](https://github.com/sqren/backport)

<!--BACKPORT [{"author":{"name":"Agustina Nahir
Ruidiaz","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-30T14:38:54Z","message":"[Security
Solution] Fix code scanning alert
(#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n##
Summary\r\n\r\nTo fix the problem, we need to ensure that both double
quotes and\r\nbackslashes are properly escaped in the `escapeValue`
function. This can\r\nbe achieved by using a regular expression that
replaces both characters\r\nglobally. Specifically, we should replace
backslashes with double\r\nbackslashes (`\\\\`) and double quotes with
escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue`
function to use a regular expression that\r\nhandles both double quotes
and backslashes.\r\n- Ensure that the regular expression has the global
flag (`g`) to\r\nreplace all occurrences of the
characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI
<62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["backport","release_note:skip","v9.0.0","Team:Threat
Hunting:Explore","backport:prev-minor","ci:cloud-deploy"],"title":"[Security
Solution] Fix code scanning
alert","number":198142,"url":"https://github.com/elastic/kibana/pull/198142","mergeCommit":{"message":"[Security
Solution] Fix code scanning alert
(#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n##
Summary\r\n\r\nTo fix the problem, we need to ensure that both double
quotes and\r\nbackslashes are properly escaped in the `escapeValue`
function. This can\r\nbe achieved by using a regular expression that
replaces both characters\r\nglobally. Specifically, we should replace
backslashes with double\r\nbackslashes (`\\\\`) and double quotes with
escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue`
function to use a regular expression that\r\nhandles both double quotes
and backslashes.\r\n- Ensure that the regular expression has the global
flag (`g`) to\r\nreplace all occurrences of the
characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI
<62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198142","number":198142,"mergeCommit":{"message":"[Security
Solution] Fix code scanning alert
(#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n##
Summary\r\n\r\nTo fix the problem, we need to ensure that both double
quotes and\r\nbackslashes are properly escaped in the `escapeValue`
function. This can\r\nbe achieved by using a regular expression that
replaces both characters\r\nglobally. Specifically, we should replace
backslashes with double\r\nbackslashes (`\\\\`) and double quotes with
escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue`
function to use a regular expression that\r\nhandles both double quotes
and backslashes.\r\n- Ensure that the regular expression has the global
flag (`g`) to\r\nreplace all occurrences of the
characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI
<62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408"}}]}]
BACKPORT-->

Co-authored-by: Agustina Nahir Ruidiaz <[email protected]>
  • Loading branch information
kibanamachine and agusruidiazgd authored Oct 30, 2024
1 parent 744c5f7 commit b5edaf6
Showing 1 changed file with 1 addition and 1 deletion.
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ const COPY_TO_CLIPBOARD_SUCCESS = i18n.translate(
}
);

const escapeValue = (value: string) => value.replace(/"/g, '\\"');
const escapeValue = (value: string) => value.replace(/\\/g, '\\\\').replace(/"/g, '\\"');

export const createCopyToClipboardActionFactory = createCellActionFactory(
({ notifications }: { notifications: NotificationsStart }) => ({
Expand Down

0 comments on commit b5edaf6

Please sign in to comment.