[Security Solution] Filename on value list import is stored in URI encoded form #93346

Closed
marshallmain opened this issue Mar 2, 2021 · 4 comments
Labels
bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc.

Comments

@marshallmain
Contributor

Kibana version:
8.0.0

Describe the bug:
When importing value lists through the UI, the file is uploaded and the filename is URI encoded during the upload. The filename is then used as the value list ID, however the filename is not URI decoded before being stored, thus a filename that includes quotes like "Untitled".txt is stored as %22Untitled%22.txt. Since it's stored this way, when it comes back to the UI it's displayed in this encoded form as well.

Steps to reproduce:

  1. Upload a value list with one or more quotes in the filename
  2. Observe that the quotes are replaced with %22 when viewing the value list in the UI

Expected behavior:
Quotes should be preserved in the filename.
We likely need to add a call to decodeURIComponent on this line, however we should also ensure that these IDs are properly escaped when used in other places - particularly for generating KQL queries. This PR addresses some places where IDs were being used without escaping, but there could be others.

@marshallmain marshallmain added bug Fixes for quality problems that affect the customer experience impact:medium Addressing this issue will have a medium level of impact on the quality/strength of our product. Team:Detections and Resp Security Detection Response Team v7.13.0 labels Mar 2, 2021
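
The two steps the report above calls for (decode the uploaded filename once before storing it as the list ID, then escape that ID wherever it is placed in a KQL string), as an added example that is not part of the original issue and is not Kibana's code. The function names, the `list_id` field name and the sample filenames are assumptions made for illustration, as is the escaping rule (backslash-escape `\` and `"` inside a double-quoted KQL value).

```javascript
// Added example, not Kibana code. All names here are hypothetical.

// Decode the uploaded filename exactly once. decodeURIComponent throws a
// URIError on malformed input (for example a bare "%" that was never
// encoded), so fall back to the raw value instead of failing the import.
function decodeUploadedFilename(raw) {
  try {
    return decodeURIComponent(raw);
  } catch (err) {
    if (err instanceof URIError) return raw;
    throw err;
  }
}

// Escape backslash and double quote so the decoded ID cannot close the
// quoted value it is placed in and change the meaning of the query.
function escapeKqlQuotedValue(value) {
  return value.replace(/[\\"]/g, '\\$&');
}

// Build a filter on one list ID; `field` is an assumed field name.
function buildListIdFilter(id, field = 'list_id') {
  return `${field}: "${escapeKqlQuotedValue(id)}"`;
}

// Constructed sample filenames, as they would arrive from the upload.
const samples = [
  '%22Untitled%22.txt', // quotes, the case from the report
  '%2522.txt',          // already contains a literal "%22": decode once only
  '100%.txt',           // malformed percent sequence
];

for (const raw of samples) {
  const id = decodeUploadedFilename(raw);
  console.log(JSON.stringify({ raw, id, kql: buildListIdFilter(id) }));
}
```

Decoding happens only at the storage boundary and escaping only at the query boundary, so the stored ID is the exact filename and each consumer applies the escaping its own syntax needs.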
@elasticmachine
Contributor

Pinging @elastic/security-detections-response (Team:Detections and Resp)

@MadameSheema MadameSheema added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Mar 17, 2021
@elasticmachine
Contributor

Pinging @elastic/security-solution (Team: SecuritySolution)

@peluja1012
Contributor

Fixed by #111838

@ecezalp
Contributor

ecezalp commented Oct 30, 2021

Testing instructions

  • Upload a value list with one or more quotes in the filename
  • View the uploaded list to confirm that quotes appear on the file name as expected.

More details can be found in the bug description here.
