Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

module templates incorrectly assume external_reference will follow S-Code and G-Code conventions and case #381

Open
watgh opened this issue Jul 29, 2022 · 1 comment
Open

module templates incorrectly assume external_reference will follow S-Code and G-Code conventions and case #381

watgh opened this issue Jul 29, 2022 · 1 comment

Comments

@watgh
Copy link

watgh commented Jul 29, 2022

BLUF:

please drop the use the "|upper" in creation of the href in a table's card element.

When customizing STIX objects for use by the attack-website generation on our internal site, we discovered that the pelican templates for groups (specifically, but elsewhere as well) are inconsistent when creating the cards for groups and other tables.

For the display name, upper case by default may be appropriate for table uniformity of appearance. Unfortunately, forcing the href to use a specific case or perhaps use a different URL can result in an invalid URL.

For example from the enterprise ATTACK:
...

"external_references": [
    {
        "source_name": "mitre-attack",
        "external_id": "G0001",
        "url": "https://attack.mitre.org/groups/G0001"
    },
....
    "name": "Axiom",
....

The site generation code will create a directory /groups/G0001.
And the ID field for the card in the group table will look like:

<td>
    <a href="/groups/G0001"> G0001 </a>
</td>

That comes from the group-index.html template in modules/groups/templates, specifically starting at line 47:

                            <tbody>
                                {% for row in parsed.groups_table %}
                                    <tr>
                                        <td>
                                            <a href="/groups/{{row.id|upper}}"> {{row.id|upper}} </a>
                                        </td>
                                        <td>
                                            <a href="/groups/{{row.id|upper}}"> {{row.name}} </a>
                                        </td>

Note the "|upper" directive

The problem comes, when the ID case may not natively be upper

for example an intrusion set named "SomeFineGroupName" has an external reference appears as:

{
    "source_name": "mitre-attack",
    "url": "https://my-attack-website.myorg.com/groups/MyCustomNotUpperCaseCode"
    "external_id": "MyCustomNotUpperCaseCode"
}

The resulting directory entry will be generated as /group/MyCustomNotUpperCaseCode, matching the ID in the stix object.
The resulting card for the groups table however, will result in an ref such as:

<td>
    <a href="/groups/MYCUSTOMNOTUPPERCASECODE"> MYCUSTOMNOTUPPERCASECODE </a>
</td>

The solution is to drop the "|upper" directive in the href, while keeping the label as is if desired.
@watgh
Copy link
Author

watgh commented Jul 29, 2022

Just to clarify, I'm asking you to change the template to remove the upper directive from the href generation for datasource, software and groups:

                                        <td>
                                            <a href="/groups/{{row.id}}"> {{row.id|upper}} </a>
                                        </td>
                                        <td>
                                            <a href="/groups/{{row.id}}"> {{row.name}} </a>
                                        </td>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@watgh