Sanitize markdown when previewing report header/footer #476

Merged
Expand Up @@ -73,7 +73,7 @@ exports[`<Main /> panel render component 1`] = `
/>
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
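Review bot: the `euiFlexGroup--gutterMedium` to `euiFlexGroup--gutterSmall` change in this snapshot (and the `euiSpacer--l` to `euiSpacer--m` change in the hunks that follow) is a layout change with no connection to sanitizing the header/footer preview. The same swap recurs in every `<Main />` and `<ReportsTable />` snapshot hunk. Say in the PR description where it comes from, or regenerate the snapshots in a separate commit, so the security fix can be reviewed and backported on its own.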
Expand Down Expand Up @@ -212,7 +212,7 @@ exports[`<Main /> panel render component 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Down Expand Up @@ -1017,7 +1017,7 @@ exports[`<Main /> panel render component after create success 1`] = `
/>
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
Expand Down Expand Up @@ -1158,7 +1158,7 @@ exports[`<Main /> panel render component after create success 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Down Expand Up @@ -2020,7 +2020,7 @@ exports[`<Main /> panel render component after delete success 1`] = `
/>
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
Expand Down Expand Up @@ -2161,7 +2161,7 @@ exports[`<Main /> panel render component after delete success 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Down Expand Up @@ -3024,7 +3024,7 @@ exports[`<Main /> panel render component after edit success 1`] = `
/>
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
Expand Down Expand Up @@ -3165,7 +3165,7 @@ exports[`<Main /> panel render component after edit success 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Up @@ -3,7 +3,7 @@
exports[`<ReportsTable /> panel render component 1`] = `
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
Expand Down Expand Up @@ -142,7 +142,7 @@ exports[`<ReportsTable /> panel render component 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Down Expand Up @@ -628,7 +628,7 @@ exports[`<ReportsTable /> panel render component 1`] = `
exports[`<ReportsTable /> panel render empty component 1`] = `
<div>
<div
class="euiFlexGroup euiFlexGroup--gutterMedium euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
class="euiFlexGroup euiFlexGroup--gutterSmall euiFlexGroup--alignItemsCenter euiFlexGroup--directionRow euiFlexGroup--responsive euiFlexGroup--wrap"
>
<div
class="euiFlexItem euiSearchBar__searchHolder"
Expand Down Expand Up @@ -769,7 +769,7 @@ exports[`<ReportsTable /> panel render empty component 1`] = `
</div>
</div>
<div
class="euiSpacer euiSpacer--l"
class="euiSpacer euiSpacer--m"
/>
<div
class="euiBasicTable"
Expand Up @@ -3,6 +3,7 @@
* SPDX-License-Identifier: Apache-2.0
*/

import createDOMPurify from 'dompurify';
import React, { useEffect, useState } from 'react';
import { i18n } from '@osd/i18n';
import {
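Review bot: the new `import createDOMPurify from 'dompurify';` on the first import line needs `dompurify` declared as a direct dependency of the plugin, and no manifest change is visible in this diff. Confirm it is listed in `package.json` rather than resolved transitively, so a dependency bump elsewhere cannot silently remove the sanitizer.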
Expand Down Expand Up @@ -31,7 +32,7 @@
REPORT_SOURCE_TYPES,
SAVED_SEARCH_FORMAT_OPTIONS,
} from './report_settings_constants';
import ReactMde from 'react-mde';

Check failure on line 35 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

`react-mde` import should occur before import of `./report_settings_constants`
import 'react-mde/lib/styles/css/react-mde-all.css';
import {
reportDefinitionParams,
Expand All @@ -52,14 +53,14 @@
} from './report_settings_helpers';
import { TimeRangeSelect } from './time_range';
import { converter } from '../utils';
import { ReportDefinitionSchemaType } from 'server/model';

Check failure on line 56 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

`server/model` import should occur before import of `./report_settings_constants`
import { ReportTrigger } from '../report_trigger';

type ReportSettingProps = {

Check failure on line 59 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Use an `interface` instead of a `type`
edit: boolean;
editDefinitionId: string;
reportDefinitionRequest: reportDefinitionParams;
httpClientProps: any;

Check warning on line 63 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
timeRange: timeRangeParams;
showSettingsReportNameError: boolean;
settingsReportNameErrorMessage: string;
Expand Down Expand Up @@ -90,22 +91,22 @@
const [reportDescription, setReportDescription] = useState('');
const [reportSourceId, setReportSourceId] = useState('dashboardReportSource');

const [dashboardSourceSelect, setDashboardSourceSelect] = useState([] as any);

Check warning on line 94 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
const [dashboards, setDashboards] = useState([] as any);

Check warning on line 95 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type

const [visualizationSourceSelect, setVisualizationSourceSelect] = useState(
[] as any

Check warning on line 98 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
);
const [visualizations, setVisualizations] = useState([] as any);

Check warning on line 100 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type

const [savedSearchSourceSelect, setSavedSearchSourceSelect] = useState(
[] as any

Check warning on line 103 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
);
const [savedSearches, setSavedSearches] = useState([] as any);

Check warning on line 105 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
const [savedSearchRecordLimit, setSavedSearchRecordLimit] = useState(10000);

const [notebooksSourceSelect, setNotebooksSourceSelect] = useState([] as any);

Check warning on line 108 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
const [notebooks, setNotebooks] = useState([] as any);

Check warning on line 109 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type

const [fileFormat, setFileFormat] = useState('pdf');

Expand Down Expand Up @@ -185,7 +186,7 @@
}
};

const handleDashboardSelect = (e: string | any[]) => {

Check warning on line 189 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Unexpected any. Specify a different type
setDashboardSourceSelect(e);

let fromInContext = false;
Expand Down Expand Up @@ -340,6 +341,8 @@
setCheckboxIdSelectHeaderFooter(newCheckboxIdToSelectedMap);
};

const DOMPurify = createDOMPurify(window);

const showFooter = checkboxIdSelectHeaderFooter.footer ? (
<EuiCompressedFormRow
label={i18n.translate('opensearch.reports.reportSettingProps.footer', {
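Review bot: `const DOMPurify = createDOMPurify(window);` sits in the component body next to `showFooter`, so a new sanitizer instance is built on every render. Move it to module scope below the imports (or wrap it in `useMemo`), which also gives the header and footer editors one shared instance and one place to set configuration or hooks later.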
Expand All @@ -357,7 +360,7 @@
['unordered-list', 'ordered-list', 'checked-list'],
]}
generateMarkdownPreview={(markdown) =>
Promise.resolve(converter.makeHtml(markdown))
Promise.resolve(DOMPurify.sanitize(converter.makeHtml(markdown)))
}
/>
</EuiCompressedFormRow>
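Review bot: `Promise.resolve(DOMPurify.sanitize(converter.makeHtml(markdown)))` in this footer `generateMarkdownPreview` is repeated verbatim for the header editor in the next hunk. Extract one helper and pass it to both editors, so a later change cannot leave one preview sanitized and the other not. Sanitizing the HTML that `converter.makeHtml` returns, rather than the markdown source, is the right order and should stay that way in the helper.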
Expand All @@ -380,7 +383,7 @@
['unordered-list', 'ordered-list', 'checked-list'],
]}
generateMarkdownPreview={(markdown) =>
Promise.resolve(converter.makeHtml(markdown))
Promise.resolve(DOMPurify.sanitize(converter.makeHtml(markdown)))
}
/>
</EuiCompressedFormRow>
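Review bot: nothing in the visible changes tests the new `DOMPurify.sanitize(...)` call in the header `generateMarkdownPreview`; the snapshot updates only touch CSS classes. Add a unit test that feeds markdown containing raw HTML with script content to the preview function and asserts the returned string no longer carries it, so removing the sanitize call fails CI.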
Expand All @@ -396,7 +399,7 @@
response.report_definition;
const {
report_params: {
core_params: { header, footer },

Check failure on line 402 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'header' is already declared in the upper scope

Check failure on line 402 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'footer' is already declared in the upper scope
},
} = reportDefinition;
// set header/footer default
Expand Down Expand Up @@ -497,7 +500,7 @@
}
};

const setDefaultFileFormat = (fileFormat) => {

Check failure on line 503 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'fileFormat' is already declared in the upper scope
let index = 0;
for (index = 0; index < PDF_PNG_FILE_FORMAT_OPTIONS.length; ++index) {
if (
Expand Down Expand Up @@ -603,7 +606,7 @@
}
});

if (reportSource == REPORT_SOURCE_TYPES.savedSearch) {

Check failure on line 609 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

Expected '===' and instead saw '=='
setSavedSearchRecordLimit(
response.report_definition.report_params.core_params.limit
);
Expand All @@ -619,7 +622,7 @@
);
};

const defaultConfigurationEdit = async (httpClientProps) => {

Check failure on line 625 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'httpClientProps' is already declared in the upper scope
let editData = {};
await httpClientProps
.get(`../api/reporting/reportDefinitions/${editDefinitionId}`)
Expand All @@ -632,8 +635,8 @@
return editData;
};

const defaultConfigurationCreate = async (httpClientProps) => {

Check failure on line 638 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'httpClientProps' is already declared in the upper scope
let reportSourceOptions = {

Check failure on line 639 in public/components/report_definitions/report_settings/report_settings.tsx

GitHub Actions / Lint

'reportSourceOptions' is never reassigned. Use 'const' instead
dashboard: [],
visualizations: [],
savedSearch: [],