From 5cdc8bcb63d0e9c4bfc4b4f8b854a2ed64c97d07 Mon Sep 17 00:00:00 2001 From: Alankarsharma Date: Tue, 5 Dec 2023 17:32:49 +0530 Subject: [PATCH 1/6] Relative URL should be allowed Signed-off-by: Alankarsharma --- src/core/server/rendering/rendering_service.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/server/rendering/rendering_service.tsx b/src/core/server/rendering/rendering_service.tsx index d0a62555d4b2..f78ab722a8c5 100644 --- a/src/core/server/rendering/rendering_service.tsx +++ b/src/core/server/rendering/rendering_service.tsx @@ -366,7 +366,7 @@ export class RenderingService { */ public isUrlValid = async (url: string, configName?: string): Promise => { if (url === '/') { - return false; + return true; } if (url.match(/\.(png|svg|gif|PNG|SVG|GIF)$/) === null) { this.logger.get('branding').error(`${configName} config is invalid. Using default branding.`); From 29c5a4ab40e78b38c090840b57f148b9522f27aa Mon Sep 17 00:00:00 2001 From: "opensearch-trigger-bot[bot]" <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Date: Wed, 6 Dec 2023 09:56:58 -0800 Subject: [PATCH 2/6] Add 1.3.14 release notes (#5574) (#5579) Signed-off-by: Josh Romero (cherry picked from commit 39fdcad14c375edbf8e5cd992241084bd2d56871) Signed-off-by: github-actions[bot] Co-authored-by: github-actions[bot] Signed-off-by: Alankarsharma --- ...nsearch-dashboards.release-notes-1.3.14.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 release-notes/opensearch-dashboards.release-notes-1.3.14.md diff --git a/release-notes/opensearch-dashboards.release-notes-1.3.14.md b/release-notes/opensearch-dashboards.release-notes-1.3.14.md new file mode 100644 index 000000000000..441b7a602257 --- /dev/null +++ b/release-notes/opensearch-dashboards.release-notes-1.3.14.md @@ -0,0 +1,19 @@ +# Version 1.3.14 Release Notes + +### 🛡 Security + +- [CVE-2023-46234] Bump `eslint-import-resolver-webpack` from `0.11.1` to `0.13.8` and `browserify-sign` from `4.2.1` to `4.2.2` ([#5414](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5414/)) +- [CVE-2023-45133] Add package resolution for `@babel/traverse` to `7.23.2` to fix vulnerability ([#5309](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5309)) +- [CVE-2017-16137] Bump `debug` versions via yarn updates and resolutions ([#5573](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5573)) + +### 📈 Features/Enhancements + +### 🐛 Bug Fixes + +### 🚞 Infrastructure + +### 📝 Documentation + +### 🛠 Maintenance + +- [Version] Increment version to 1.3.14 ([#5531](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5531)) From 324f4a41dcc3be9cbdde2f1f24a422af92f2cf9c Mon Sep 17 00:00:00 2001 From: Kawika Avilla Date: Wed, 6 Dec 2023 20:19:00 -0800 Subject: [PATCH 3/6] [BUG][Data] Support for custom filters with heterogeneous data fields (#5577) * [BUG][Data] Support for custom filters with heterogeneous data fields When enabling the advanced setting `courier:ignoreFilterIfFieldNotInIndex` Custom OpenSearch Query DSL filters could technically be applied to index patterns that map to indices that are not exactly the same. Since the custom query filter is a user input then users can really type anything that they need. Or any field that they know is present but we do not know for sure. Therefore, we can check if the id which is the index pattern title to check if we should apply the filter or not. Issue resolved: https://github.com/opensearch-project/dashboards-visualizations/issues/281 I believe issue: https://github.com/opensearch-project/OpenSearch-Dashboards/issues/5423 Should closed as that is expected functionality. Signed-off-by: Kawika Avilla * [Cleanup] utilize the same helper function Originally when implementing the fix the historical comment caused concern about potential breaking changes. But after discussion, we decided it is more clear to consolidate the helper functions. Signed-off-by: Kawika Avilla Signed-off-by: Alankarsharma --- CHANGELOG.md | 1 + .../opensearch_query/filter_matches_index.test.ts | 14 ++++++++++++++ .../opensearch_query/filter_matches_index.ts | 10 +++++----- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 146b895ba2ba..7e1f03ac69d3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -32,6 +32,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [BUG][Dev Tool] Add dev tool documentation link to dev tool's help menu [#5166](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5166) - Fix missing border for header navigation control on right ([#5450](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5450)) - [BUG] Fix filtering issue in data source selector ([5484](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5484)) +- [BUG][Data] Support for custom filters with heterogeneous data fields ([5577](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5577)) ### 🚞 Infrastructure diff --git a/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.test.ts b/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.test.ts index f610b1e7179f..ad68e14b2c54 100644 --- a/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.test.ts +++ b/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.test.ts @@ -66,4 +66,18 @@ describe('filterMatchesIndex', () => { expect(filterMatchesIndex(filter, indexPattern)).toBe(true); }); + + it('should return false if the custom filter is a different index id', () => { + const filter = { meta: { index: 'foo', key: 'bar', type: 'custom' } } as Filter; + const indexPattern = { id: 'bar', fields: [{ name: 'foo' }] } as IIndexPattern; + + expect(filterMatchesIndex(filter, indexPattern)).toBe(false); + }); + + it('should return true if the custom filter is the same index id', () => { + const filter = { meta: { index: 'foo', key: 'bar', type: 'custom' } } as Filter; + const indexPattern = { id: 'foo', fields: [{ name: 'barf' }] } as IIndexPattern; + + expect(filterMatchesIndex(filter, indexPattern)).toBe(true); + }); }); diff --git a/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.ts b/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.ts index f8c2ab67ee95..529e68609aeb 100644 --- a/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.ts +++ b/src/plugins/data/common/opensearch_query/opensearch_query/filter_matches_index.ts @@ -31,14 +31,14 @@ import { IIndexPattern, IFieldType } from '../../index_patterns'; import { Filter } from '../filters'; -/* - * TODO: We should base this on something better than `filter.meta.key`. We should probably modify - * this to check if `filter.meta.index` matches `indexPattern.id` instead, but that's a breaking - * change. - */ export function filterMatchesIndex(filter: Filter, indexPattern?: IIndexPattern | null) { if (!filter.meta?.key || !indexPattern) { return true; } + + if (filter.meta?.type === 'custom') { + return filter.meta.index === indexPattern.id; + } + return indexPattern.fields.some((field: IFieldType) => field.name === filter.meta.key); } From 2f1b8873cf3c9f04cad80141aba9e326ace69e44 Mon Sep 17 00:00:00 2001 From: Alankarsharma Date: Fri, 8 Dec 2023 09:47:38 +0530 Subject: [PATCH 4/6] Last check-in was wrong, Fixed it, added test case for this as well. Signed-off-by: Alankarsharma --- src/core/server/rendering/rendering_service.test.ts | 5 +++++ src/core/server/rendering/rendering_service.tsx | 7 +++++-- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/core/server/rendering/rendering_service.test.ts b/src/core/server/rendering/rendering_service.test.ts index 56a39915e73c..5fa7d010989e 100644 --- a/src/core/server/rendering/rendering_service.test.ts +++ b/src/core/server/rendering/rendering_service.test.ts @@ -195,6 +195,11 @@ describe('RenderingService', () => { const result = await service.isUrlValid('/', 'config'); expect(result).toEqual(false); }); + + it('checks relative URL returns true', async () => { + const result = await service.isUrlValid('/demo/opensearch_mark_default.png', 'config'); + expect(result).toEqual(true); + }); }); describe('isTitleValid()', () => { diff --git a/src/core/server/rendering/rendering_service.tsx b/src/core/server/rendering/rendering_service.tsx index f78ab722a8c5..dfd1cb5789ef 100644 --- a/src/core/server/rendering/rendering_service.tsx +++ b/src/core/server/rendering/rendering_service.tsx @@ -171,7 +171,7 @@ export class RenderingService { }; } - public async stop() {} + public async stop() { } /** * Setups HTTP Agent if SSL is enabled to pass SSL config @@ -366,12 +366,15 @@ export class RenderingService { */ public isUrlValid = async (url: string, configName?: string): Promise => { if (url === '/') { - return true; + return false; } if (url.match(/\.(png|svg|gif|PNG|SVG|GIF)$/) === null) { this.logger.get('branding').error(`${configName} config is invalid. Using default branding.`); return false; } + if (url.startsWith('/')) { + return true; + } return await Axios.get(url, { httpsAgent: this.httpsAgent, adapter: AxiosHttpAdapter, From c1eea2362c38b72ed0aaea977aeb96059ab6f101 Mon Sep 17 00:00:00 2001 From: Alankarsharma Date: Thu, 14 Dec 2023 01:02:42 +0530 Subject: [PATCH 5/6] removed space Signed-off-by: Alankarsharma --- src/core/server/rendering/rendering_service.tsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/server/rendering/rendering_service.tsx b/src/core/server/rendering/rendering_service.tsx index dfd1cb5789ef..acaee7f42bc5 100644 --- a/src/core/server/rendering/rendering_service.tsx +++ b/src/core/server/rendering/rendering_service.tsx @@ -171,7 +171,7 @@ export class RenderingService { }; } - public async stop() { } + public async stop() {} /** * Setups HTTP Agent if SSL is enabled to pass SSL config From 88671ca8d95908e1c6b2a431983d80b5f1d4bea1 Mon Sep 17 00:00:00 2001 From: Alankarsharma Date: Thu, 14 Dec 2023 08:47:29 +0530 Subject: [PATCH 6/6] updated change log Signed-off-by: Alankarsharma --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 2c3235a2cca5..b2aa86a30f4c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -22,6 +22,7 @@ Inspired from [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) - [Workspace] Setup workspace skeleton and implement basic CRUD API ([#5075](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5075)) - [Decouple] Add new cross compatibility check core service which export functionality for plugins to verify if their OpenSearch plugin counterpart is installed on the cluster or has incompatible version to configure the plugin behavior([#4710](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/4710)) - [Discover] Display inner properties in the left navigation bar [#5429](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5429) +- [Custom Branding] Relative URL should be allowed for logos ([#5572](https://github.com/opensearch-project/OpenSearch-Dashboards/pull/5572)) ### 🐛 Bug Fixes