github-mirrors/kibana
1
0
Fork 0
mirror of https://github.com/elastic/kibana.git synced 2025-04-23 17:28:26 -04:00
Code Issues Projects Releases Packages Wiki Activity

Remove invalid characters from default server.name config value (#141350)

Browse source
This commit is contained in:
Pierre Gayvallet 2022-09-23 08:14:51 +02:00 committed by GitHub
parent df4adebf5b
commit 6786b1e9a0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

25
packages/core/http/core-http-server-internal/src/http_config.test.ts
View file

@ -14,15 +14,21 @@ import { ExternalUrlConfig } from './external_url';
const validHostnames = ['www.example.com', '8.8.8.8', '::1', 'localhost', '0.0.0.0'];
const invalidHostnames = ['asdf$%^', '0'];
let mockHostname = 'kibana-hostname';
jest.mock('os', () => {
const original = jest.requireActual('os');
return {
...original,
hostname: () => 'kibana-hostname',
hostname: () => mockHostname,
};
});
beforeEach(() => {
mockHostname = 'kibana-hostname';
});
test('has defaults for config', () => {
const httpSchema = config.schema;
const obj = {};
@ -245,10 +251,19 @@ test('accepts only valid uuids for server.uuid', () => {
);
});
test('uses os.hostname() as default for server.name', () => {
const httpSchema = config.schema;
const validated = httpSchema.validate({});
expect(validated.name).toEqual('kibana-hostname');
describe('server.name', () => {
test('uses os.hostname() as default for server.name', () => {
const httpSchema = config.schema;
const validated = httpSchema.validate({});
expect(validated.name).toEqual('kibana-hostname');
});
test('removes non-ascii characters from os.hostname() when used as default', () => {
mockHostname = 'Apples amazing idea♥';
const httpSchema = config.schema;
const validated = httpSchema.validate({});
expect(validated.name).toEqual('Apples amazing idea');
});
});
test('throws if xsrf.allowlist element does not start with a slash', () => {

7
packages/core/http/core-http-server-internal/src/http_config.ts
View file

@ -32,9 +32,14 @@ const match = (regex: RegExp, errorMsg: string) => (str: string) =>
// The lower-case set of response headers which are forbidden within `customResponseHeaders`.
const RESPONSE_HEADER_DENY_LIST = ['location', 'refresh'];
const validHostName = () => {
// see https://github.com/elastic/kibana/issues/139730
return hostname().replace(/[^\x00-\x7F]/g, '');
};
const configSchema = schema.object(
{
name: schema.string({ defaultValue: () => hostname() }),
name: schema.string({ defaultValue: () => validHostName() }),
autoListen: schema.boolean({ defaultValue: true }),
publicBaseUrl: schema.maybe(schema.uri({ scheme: ['http', 'https'] })),
basePath: schema.maybe(