Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
# Backport This will backport the following commits from `main` to `8.x`: - [[Security Solution] Fix code scanning alert (#198142)](#198142) <!--- Backport version: 9.4.3 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Agustina Nahir Ruidiaz","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-10-30T14:38:54Z","message":"[Security Solution] Fix code scanning alert (#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n## Summary\r\n\r\nTo fix the problem, we need to ensure that both double quotes and\r\nbackslashes are properly escaped in the `escapeValue` function. This can\r\nbe achieved by using a regular expression that replaces both characters\r\nglobally. Specifically, we should replace backslashes with double\r\nbackslashes (`\\\\`) and double quotes with escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue` function to use a regular expression that\r\nhandles both double quotes and backslashes.\r\n- Ensure that the regular expression has the global flag (`g`) to\r\nreplace all occurrences of the characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408","branchLabelMapping":{"^v9.0.0$":"main","^v8.17.0$":"8.x","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["backport","release_note:skip","v9.0.0","Team:Threat Hunting:Explore","backport:prev-minor","ci:cloud-deploy"],"title":"[Security Solution] Fix code scanning alert","number":198142,"url":"https://github.com/elastic/kibana/pull/198142","mergeCommit":{"message":"[Security Solution] Fix code scanning alert (#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n## Summary\r\n\r\nTo fix the problem, we need to ensure that both double quotes and\r\nbackslashes are properly escaped in the `escapeValue` function. This can\r\nbe achieved by using a regular expression that replaces both characters\r\nglobally. Specifically, we should replace backslashes with double\r\nbackslashes (`\\\\`) and double quotes with escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue` function to use a regular expression that\r\nhandles both double quotes and backslashes.\r\n- Ensure that the regular expression has the global flag (`g`) to\r\nreplace all occurrences of the characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408"}},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[{"branch":"main","label":"v9.0.0","branchLabelMappingKey":"^v9.0.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/198142","number":198142,"mergeCommit":{"message":"[Security Solution] Fix code scanning alert (#198142)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/365](https://github.com/elastic/kibana/security/code-scanning/365)\r\n\r\n## Summary\r\n\r\nTo fix the problem, we need to ensure that both double quotes and\r\nbackslashes are properly escaped in the `escapeValue` function. This can\r\nbe achieved by using a regular expression that replaces both characters\r\nglobally. Specifically, we should replace backslashes with double\r\nbackslashes (`\\\\`) and double quotes with escaped double quotes (`\\\"`).\r\n\r\n- Update the `escapeValue` function to use a regular expression that\r\nhandles both double quotes and backslashes.\r\n- Ensure that the regular expression has the global flag (`g`) to\r\nreplace all occurrences of the characters.\r\n\r\nCo-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"b9a5d6a46d4224b70ec1709d4fa97cd1c6295408"}}]}] BACKPORT--> Co-authored-by: Agustina Nahir Ruidiaz <[email protected]>
- Loading branch information