Open migruiz4 opened 5 years ago
Hi @wazuh/framework seems that something is wrong in the q
param.
Regards.
Sorry, I accidentally closed the issue
After some tests, seems like the issue is related to the API. I have tried encoding the forward-slash using %2F but doesn't seem to work.
The q
works using q=os.name~Debian%20GNU, but fails when it comes to the /
character.
Maybe the Framework team can help us with this
Hi @migruiz4 and @juankaromo ,
Thanks for the report, we've been investigating this issue and it's correct that it is not currently working. The solution is to modify the regular expression in /api/helpers/input_validation.js#L92
As we see in the regular expression below, the specials characters / or \ are not allowed. In order to solve this problem you should just add them like this:
^(?:\(*[\w\.\-]+(?:=|!=|<|>|~)[\w\.\- \/\\]+\)*)(?:(?:;|,)\(*[\w\.\-]+(?:=|!=|<|>|~)[\w\.\- ]+\)*)*$
We will discuss the implications this change may have since the characters / and \ are reserved in http requests. As we can see in the following guide the characters / and \ are unsafe (https://perishablepress.com/stop-using-unsafe-characters-in-urls/) so it is better to encode them.
We're going to study how to proceed with the change. Thank you for the report.
Regards
Description Agents tab fails to search when using filters that include character '/'.
Steps to reproduce
Screenshots
Filter was added using the autocomplete option, which do include the agent OS:
When navigating without using filters, the agent is still visible.