diff --git a/x-pack/plugins/actions/server/builtin_action_types/slack.test.ts b/x-pack/plugins/actions/server/builtin_action_types/slack.test.ts index d33574666cebd..919f0800c291c 100644 --- a/x-pack/plugins/actions/server/builtin_action_types/slack.test.ts +++ b/x-pack/plugins/actions/server/builtin_action_types/slack.test.ts @@ -74,6 +74,12 @@ describe('validateActionTypeSecrets()', () => { }).toThrowErrorMatchingInlineSnapshot( `"error validating action type secrets: [webhookUrl]: expected value of type [string] but got [number]"` ); + + expect(() => { + validateSecrets(actionType, { webhookUrl: 'fee-fi-fo-fum' }); + }).toThrowErrorMatchingInlineSnapshot( + `"error validating action type secrets: error configuring slack action: unable to parse host name from webhookUrl"` + ); }); test('should validate and pass when the slack webhookUrl is whitelisted', () => { @@ -95,8 +101,8 @@ describe('validateActionTypeSecrets()', () => { actionType = getActionType({ configurationUtilities: { ...configUtilsMock, - ensureWhitelistedUri: url => { - throw new Error(`target url is not whitelisted`); + ensureWhitelistedHostname: url => { + throw new Error(`target hostname is not whitelisted`); }, }, }); @@ -104,7 +110,7 @@ describe('validateActionTypeSecrets()', () => { expect(() => { validateSecrets(actionType, { webhookUrl: 'https://api.slack.com/' }); }).toThrowErrorMatchingInlineSnapshot( - `"error validating action type secrets: error configuring slack action: target url is not whitelisted"` + `"error validating action type secrets: error configuring slack action: target hostname is not whitelisted"` ); }); }); diff --git a/x-pack/plugins/actions/server/builtin_action_types/slack.ts b/x-pack/plugins/actions/server/builtin_action_types/slack.ts index b8989e59a2257..042853796695d 100644 --- a/x-pack/plugins/actions/server/builtin_action_types/slack.ts +++ b/x-pack/plugins/actions/server/builtin_action_types/slack.ts @@ -4,6 +4,7 @@ * you may not use this file except in compliance with the Elastic License. */ +import { URL } from 'url'; import { curry } from 'lodash'; import { i18n } from '@kbn/i18n'; import { schema, TypeOf } from '@kbn/config-schema'; @@ -66,8 +67,17 @@ function valdiateActionTypeConfig( configurationUtilities: ActionsConfigurationUtilities, secretsObject: ActionTypeSecretsType ) { + let url: URL; try { - configurationUtilities.ensureWhitelistedUri(secretsObject.webhookUrl); + url = new URL(secretsObject.webhookUrl); + } catch (err) { + return i18n.translate('xpack.actions.builtin.slack.slackConfigurationErrorNoHostname', { + defaultMessage: 'error configuring slack action: unable to parse host name from webhookUrl', + }); + } + + try { + configurationUtilities.ensureWhitelistedHostname(url.hostname); } catch (whitelistError) { return i18n.translate('xpack.actions.builtin.slack.slackConfigurationError', { defaultMessage: 'error configuring slack action: {message}', diff --git a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/slack.ts b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/slack.ts index 87280169c0960..ccc94f9056ef4 100644 --- a/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/slack.ts +++ b/x-pack/test/alerting_api_integration/security_and_spaces/tests/actions/builtin_action_types/slack.ts @@ -94,7 +94,7 @@ export default function slackTest({ getService }: FtrProviderContext) { name: 'A slack action', actionTypeId: '.slack', secrets: { - webhookUrl: 'http://slack.mynonexistent.com', + webhookUrl: 'http://slack.mynonexistent.com/other/stuff/in/the/path', }, }) .expect(400) @@ -103,7 +103,7 @@ export default function slackTest({ getService }: FtrProviderContext) { statusCode: 400, error: 'Bad Request', message: - 'error validating action type secrets: error configuring slack action: target url "http://slack.mynonexistent.com" is not whitelisted in the Kibana config xpack.actions.whitelistedHosts', + 'error validating action type secrets: error configuring slack action: target hostname "slack.mynonexistent.com" is not whitelisted in the Kibana config xpack.actions.whitelistedHosts', }); }); });