Skip to content

Comments

[9.1] [Attack Discovery][Scheduling] Use triple braces by default for the URL and markdown fields (#225794)#225837

Merged
kibanamachine merged 2 commits intoelastic:9.1from
kibanamachine:backport/9.1/pr-225794
Jun 30, 2025
Merged

[9.1] [Attack Discovery][Scheduling] Use triple braces by default for the URL and markdown fields (#225794)#225837
kibanamachine merged 2 commits intoelastic:9.1from
kibanamachine:backport/9.1/pr-225794

Conversation

@kibanamachine
Copy link
Contributor

@kibanamachine kibanamachine commented Jun 30, 2025

Backport

This will backport the following commits from main to 9.1:

Questions ?

Please refer to the Backport tool documentation

@e40pud
[Attack Discovery][Scheduling] Use triple braces by default for the U…
6c21dbb 
…RL and markdown fields (elastic#225794)

## Summary

According to the [mustache
syntax](https://github.com/janl/mustache.js?tab=readme-ov-file#variables),
all variables are HTML-escaped by default. If we want to render
unescaped HTML, we should use the triple mustache: `{{{name}}}`.

There are a few attack discovery variables in the action's context that
we would like to render as unescaped HTML to preserve the URL and
markdown structure. Those variable should be added using triple mustache
by default from the action's "Add variable" menu:

<img width="379" alt="Screenshot 2025-06-30 at 11 55 08"
src="https://github.com/user-attachments/assets/6ca19adb-2b17-4eaf-b4f7-c94d0674c7fc"
/>

### Variables that use triple mustache

- `context.attack.detailsMarkdown`
- `context.attack.summaryMarkdown`
- `context.attack.entitySummaryMarkdown`
- `context.attack.detailsUrl`

### Screenshots

**Using double mustache**:

<img width="1547" alt="Screenshot 2025-06-30 at 12 08 54"
src="https://github.com/user-attachments/assets/f1e86d0f-14fb-4041-be8b-d96cd208a5a9"
/>

**Using triple mustache**:

<img width="1547" alt="Screenshot 2025-06-30 at 12 08 41"
src="https://github.com/user-attachments/assets/627a1b74-8c2c-44c0-8d0f-8be17ca61482"
/>

(cherry picked from commit 0ff0163)
@kibanamachine kibanamachine added the backport This PR is a backport of another PR label Jun 30, 2025
@kibanamachine kibanamachine enabled auto-merge (squash) June 30, 2025 12:44
@kibanamachine kibanamachine mentioned this pull request Jun 30, 2025
Merged
@kibanamachine kibanamachine merged commit b8aaf53 into elastic:9.1 Jun 30, 2025
10 checks passed
@elasticmachine
Copy link
Contributor

elasticmachine commented Jun 30, 2025

💚 Build Succeeded

Metrics [docs]

Async chunks

Total size of all lazy-loaded chunks that will be downloaded as the user navigates the app

id before after diff
securitySolution 9.8MB 9.8MB +136.0B

History

cc @e40pud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

@e40pud e40pud

Labels

backport This PR is a backport of another PR

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kibanamachine @elasticmachine @e40pud