Skip to content

[Security Solution][Detections] Validate file type of value lists #72746

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Jul 21, 2020
Merged

[Security Solution][Detections] Validate file type of value lists #72746

merged 2 commits into from
Jul 21, 2020

Conversation

@rylnd
Copy link
Contributor

@rylnd rylnd commented Jul 21, 2020

Summary

When choosing a value list to upload, this PR adds the following behaviors:

  • The file picker is restricted to files of type text/csv or text/plain (.csv and .txt, along with a few other text extensions)
  • If dragging/dropping a file with an invalid type, a validation message is displayed and the upload button is disabled.

NB: this does not restrict file uploads via the API
value_list_extension_validation

Checklist

Delete any items that are not applicable to this PR.

For maintainers

rylnd added 2 commits July 21, 2020 14:06
@rylnd
UI validates file type of uploaded value list
9aa4a54 
* file picker itself is restricted to text/csv and text/plain
* if they drag/drop an invalid file, we disable the upload button and
display an error message
* refactors form state to be a File instead of a FileList
@rylnd
Refactor validation and error message in terms of file type
2a9caf3 
Instead of maintaining lists of both valid extensions and valid mime
types, we simply use the latter.
@rylnd rylnd added Team:SIEM v8.0.0 release_note:skip Skip the PR/issue when compiling release notes v7.9.0 labels Jul 21, 2020
@rylnd rylnd self-assigned this Jul 21, 2020
@kibanamachine
Copy link
Contributor

kibanamachine commented Jul 21, 2020

💚 Build Succeeded

Build metrics

async chunks size

id value diff baseline
securitySolution 7.3MB +853.0B 7.3MB

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@rylnd rylnd marked this pull request as ready for review July 21, 2020 23:22
@rylnd rylnd requested review from a team as code owners July 21, 2020 23:22
FrankHassanabad
FrankHassanabad approved these changes Jul 21, 2020
View reviewed changes
Copy link
Contributor

@FrankHassanabad FrankHassanabad left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@rylnd rylnd merged commit ba643bd into elastic:master Jul 21, 2020
@rylnd rylnd deleted the validate_value_list_extension branch July 21, 2020 23:32
@rylnd rylnd mentioned this pull request Jul 21, 2020
Merged
rylnd added a commit to rylnd/kibana that referenced this pull request Jul 21, 2020
@rylnd
[Security Solution][Detections] Validate file type of value lists (el…
e4ec437 
…astic#72746)

* UI validates file type of uploaded value list

* file picker itself is restricted to text/csv and text/plain
* if they drag/drop an invalid file, we disable the upload button and
display an error message
* refactors form state to be a File instead of a FileList

* Refactor validation and error message in terms of file type

Instead of maintaining lists of both valid extensions and valid mime
types, we simply use the latter.
@rylnd rylnd mentioned this pull request Jul 21, 2020
Merged
rylnd added a commit to rylnd/kibana that referenced this pull request Jul 21, 2020
@rylnd
[Security Solution][Detections] Validate file type of value lists (el…
ff62aa9 
…astic#72746)

* UI validates file type of uploaded value list

* file picker itself is restricted to text/csv and text/plain
* if they drag/drop an invalid file, we disable the upload button and
display an error message
* refactors form state to be a File instead of a FileList

* Refactor validation and error message in terms of file type

Instead of maintaining lists of both valid extensions and valid mime
types, we simply use the latter.
rylnd added a commit that referenced this pull request Jul 22, 2020
@rylnd
[Security Solution][Detections] Validate file type of value lists (#7…
9f3d99f 
…2746) (#72771)

* UI validates file type of uploaded value list

* file picker itself is restricted to text/csv and text/plain
* if they drag/drop an invalid file, we disable the upload button and
display an error message
* refactors form state to be a File instead of a FileList

* Refactor validation and error message in terms of file type

Instead of maintaining lists of both valid extensions and valid mime
types, we simply use the latter.
rylnd added a commit that referenced this pull request Jul 22, 2020
@rylnd
[Security Solution][Detections] Validate file type of value lists (#7…
dd585cd 
…2746) (#72772)

* UI validates file type of uploaded value list

* file picker itself is restricted to text/csv and text/plain
* if they drag/drop an invalid file, we disable the upload button and
display an error message
* refactors form state to be a File instead of a FileList

* Refactor validation and error message in terms of file type

Instead of maintaining lists of both valid extensions and valid mime
types, we simply use the latter.
gmmorris added a commit to gmmorris/kibana that referenced this pull request Jul 22, 2020
@gmmorris
Merge branch 'master' into task-manager/fix-flaky-buffer-test
1b2400c 
* master: (23 commits)
  Stabilize closing toast (elastic#72097)
  stabilize failing test (elastic#72086)
  Stabilize filter bar test (elastic#72032)
  Unskip vislib tests (elastic#71452)
  [ML] Fix layout of anomaly chart tooltip for long field values (elastic#72689)
  fix preAuth/preRouting mocks (elastic#72663)
  [Security Solution] Hide KQL bar (all pages) and alerts filters (Detections) when Resolver is full screen (elastic#72788)
  [Uptime] Rename Whitelist to Allowlist in parse_filter_map (elastic#71584)
  [Security Solution] Fixes exception modal not loading content (elastic#72770)
  [Security Solution][Exceptions] - Require non empty entries and non empty string values in exception list items (elastic#72748)
  [Detections] Add validation for Threshold value field (elastic#72611)
  [SIEM][Detection Engine][Lists] Adds version and immutability data structures (elastic#72730)
  [Security Solution][Detections] Validate file type of value lists (elastic#72746)
  [pre-req] New Component Layout proposal (elastic#72385)
  [ML] do not throw an error when agg is not supported by UI (elastic#72685)
  [Resolver] Origin process (elastic#72382)
  [Ingest Manager] Allow to force unenroll from the UI (elastic#72386)
  skip 6.8 branch when triggering baseline-capture builds (elastic#72706)
  [CI] In-progress PR comments (elastic#72211)
  Fix sorting of scripted string fields (elastic#72681)
  ...
@MindyRS MindyRS added the Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. label Sep 23, 2021
@elasticmachine
Copy link
Contributor

elasticmachine commented Sep 23, 2021

Pinging @elastic/security-solution (Team: SecuritySolution)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@FrankHassanabad FrankHassanabad FrankHassanabad approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@rylnd rylnd

Labels

release_note:skip Skip the PR/issue when compiling release notes Team: SecuritySolution Security Solutions Team working on SIEM, Endpoint, Timeline, Resolver, etc. Team:SIEM v7.9.0 v8.0.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@rylnd @kibanamachine @elasticmachine @FrankHassanabad @MindyRS