Merge branch "dev" into branch "staging" #2074
Conversation
…in plugins refresh
…sponses for ban scope and service
Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.221.0 to 1.222.0. - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@32110d4...277ba2a) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…y entries and enhance worker refresh handling
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b56ba49...6bb031a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…/ruby/setup-ruby-1.222.0 deps/gha: bump ruby/setup-ruby from 1.221.0 to 1.222.0
…/github/codeql-action-3.28.11 deps/gha: bump github/codeql-action from 3.28.10 to 3.28.11
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| """ | ||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file paths are contained within the intended directories. This can be achieved by normalizing the paths and verifying that they start with the expected base paths. We will use os.path.normpath to normalize the paths and then check if the normalized paths start with the respective base paths.
| @@ -104,4 +104,4 @@ | ||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): | ||
| pro_path = Path(os.path.normpath(PRO_PLUGINS_PATH / plugin_id)) | ||
| if pro_path.startswith(PRO_PLUGINS_PATH) and (pro_path / "ui").exists(): | ||
| return pro_path | ||
| @@ -109,4 +109,4 @@ | ||
| # Then look in external plugins | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): | ||
| ext_path = Path(os.path.normpath(EXTERNAL_PLUGINS_PATH / plugin_id)) | ||
| if ext_path.startswith(EXTERNAL_PLUGINS_PATH) and (ext_path / "ui").exists(): | ||
| return ext_path | ||
| @@ -114,4 +114,4 @@ | ||
| # And finally in core plugins | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): | ||
| core_path = Path(os.path.normpath(CORE_PLUGINS_PATH / plugin_id)) | ||
| if core_path.startswith(CORE_PLUGINS_PATH) and (core_path / "ui").exists(): | ||
| return core_path |
|
|
||
| # Then look in external plugins | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file paths are safe and do not allow directory traversal attacks. This can be achieved by normalizing the paths and verifying that they are contained within the intended root directories.
- Normalize the constructed paths using
os.path.normpathto remove any ".." segments. - Verify that the normalized paths start with the intended root directories (
PRO_PLUGINS_PATH,EXTERNAL_PLUGINS_PATH, orCORE_PLUGINS_PATH).
| @@ -104,4 +104,4 @@ | ||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): | ||
| pro_path = (PRO_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(pro_path).startswith(str(PRO_PLUGINS_PATH)) and (pro_path / "ui").exists(): | ||
| return pro_path | ||
| @@ -109,4 +109,4 @@ | ||
| # Then look in external plugins | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): | ||
| ext_path = (EXTERNAL_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(ext_path).startswith(str(EXTERNAL_PLUGINS_PATH)) and (ext_path / "ui").exists(): | ||
| return ext_path | ||
| @@ -114,4 +114,4 @@ | ||
| # And finally in core plugins | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): | ||
| core_path = (CORE_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(core_path).startswith(str(CORE_PLUGINS_PATH)) and (core_path / "ui").exists(): | ||
| return core_path |
|
|
||
| # And finally in core plugins | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file paths are contained within the intended base directories. This can be achieved by normalizing the paths and verifying that they start with the base directory paths. We will use os.path.normpath to normalize the paths and then check if the normalized paths start with the base paths.
| @@ -104,4 +104,4 @@ | ||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): | ||
| pro_path = (PRO_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(pro_path).startswith(str(PRO_PLUGINS_PATH)) and (pro_path / "ui").exists(): | ||
| return pro_path | ||
| @@ -109,4 +109,4 @@ | ||
| # Then look in external plugins | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): | ||
| ext_path = (EXTERNAL_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(ext_path).startswith(str(EXTERNAL_PLUGINS_PATH)) and (ext_path / "ui").exists(): | ||
| return ext_path | ||
| @@ -114,4 +114,4 @@ | ||
| # And finally in core plugins | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): | ||
| core_path = (CORE_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(core_path).startswith(str(CORE_PLUGINS_PATH)) and (core_path / "ui").exists(): | ||
| return core_path |
|
|
||
| if not page: | ||
| return {"status": "ko", "code": 404, "message": "The plugin does not have a page"} | ||
| if plugin_path and (plugin_path / "ui" / "actions.py").exists(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file path is safe and does not allow directory traversal. This can be achieved by normalizing the path and verifying that it is contained within a safe root directory. We will use os.path.normpath to normalize the path and then check that the normalized path starts with the expected root directory.
- Normalize the
plugin_pathusingos.path.normpath. - Verify that the normalized path starts with the expected root directory.
- If the path is valid, proceed with the existing logic; otherwise, return an error.
| @@ -129,5 +129,10 @@ | ||
|
|
||
| if plugin_path and (plugin_path / "ui" / "actions.py").exists(): | ||
| # Plugin exists in filesystem | ||
| tmp_dir = plugin_path / "ui" | ||
| if plugin_path: | ||
| normalized_plugin_path = plugin_path.resolve() | ||
| if not str(normalized_plugin_path).startswith((str(PRO_PLUGINS_PATH), str(EXTERNAL_PLUGINS_PATH), str(CORE_PLUGINS_PATH))): | ||
| return {"status": "ko", "code": 400, "message": "Invalid plugin path"} | ||
|
|
||
| if (normalized_plugin_path / "ui" / "actions.py").exists(): | ||
| # Plugin exists in filesystem | ||
| tmp_dir = normalized_plugin_path / "ui" | ||
| else: |
| plugin_fs_path = get_plugin_path(plugin) | ||
| tmp_page_dir = None | ||
|
|
||
| if plugin_fs_path and (plugin_fs_path / "ui").exists(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file path is contained within a safe root folder. We can achieve this by normalizing the path using os.path.normpath and then checking that the normalized path starts with the root folder. This will prevent any path traversal attacks.
- Normalize the path using
os.path.normpathto remove any ".." segments. - Check that the normalized path starts with the root folder.
- If the path is not within the root folder, raise an exception or handle the error appropriately.
| @@ -103,5 +103,11 @@ | ||
| """ | ||
| def is_safe_path(base_path: Path, target_path: Path) -> bool: | ||
| try: | ||
| return base_path in target_path.resolve().parents | ||
| except RuntimeError: | ||
| return False | ||
|
|
||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): | ||
| if (pro_path / "ui").exists() and is_safe_path(PRO_PLUGINS_PATH, pro_path): | ||
| return pro_path | ||
| @@ -110,3 +116,3 @@ | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): | ||
| if (ext_path / "ui").exists() and is_safe_path(EXTERNAL_PLUGINS_PATH, ext_path): | ||
| return ext_path | ||
| @@ -115,3 +121,3 @@ | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): | ||
| if (core_path / "ui").exists() and is_safe_path(CORE_PLUGINS_PATH, core_path): | ||
| return core_path |
| page_content = tmp_page_dir.joinpath("template.html").read_text(encoding="utf-8") | ||
| template_path = tmp_page_dir / "template.html" | ||
|
|
||
| if template_path.is_file(): |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the paths constructed from user input are validated and sanitized. Specifically, we should:
- Normalize the constructed paths to remove any ".." segments.
- Ensure that the normalized paths are within a safe root directory.
We will modify the get_plugin_path function to normalize the paths and check that they are within the expected directories. Additionally, we will update the custom_plugin_page function to use these validated paths.
| @@ -104,4 +104,4 @@ | ||
| # Look in pro plugins first (higher priority) | ||
| pro_path = PRO_PLUGINS_PATH / plugin_id | ||
| if (pro_path / "ui").exists(): | ||
| pro_path = (PRO_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(pro_path).startswith(str(PRO_PLUGINS_PATH)) and (pro_path / "ui").exists(): | ||
| return pro_path | ||
| @@ -109,4 +109,4 @@ | ||
| # Then look in external plugins | ||
| ext_path = EXTERNAL_PLUGINS_PATH / plugin_id | ||
| if (ext_path / "ui").exists(): | ||
| ext_path = (EXTERNAL_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(ext_path).startswith(str(EXTERNAL_PLUGINS_PATH)) and (ext_path / "ui").exists(): | ||
| return ext_path | ||
| @@ -114,4 +114,4 @@ | ||
| # And finally in core plugins | ||
| core_path = CORE_PLUGINS_PATH / plugin_id | ||
| if (core_path / "ui").exists(): | ||
| core_path = (CORE_PLUGINS_PATH / plugin_id).resolve() | ||
| if str(core_path).startswith(str(CORE_PLUGINS_PATH)) and (core_path / "ui").exists(): | ||
| return core_path | ||
| @@ -607,5 +607,5 @@ | ||
| pre_render = run_action(plugin, "pre_render", tmp_dir=tmp_page_dir) | ||
| template_path = tmp_page_dir / "template.html" | ||
| template_path = (tmp_page_dir / "template.html").resolve() | ||
|
|
||
| if template_path.is_file(): | ||
| if str(template_path).startswith(str(tmp_page_dir)) and template_path.is_file(): | ||
| page_content = template_path.read_text(encoding="utf-8") |
| template_path = tmp_page_dir / "template.html" | ||
|
|
||
| if template_path.is_file(): | ||
| page_content = template_path.read_text(encoding="utf-8") |
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that any paths constructed from user input are validated to prevent path traversal attacks. This can be achieved by normalizing the paths and ensuring they are within a predefined safe directory. Specifically, we will:
- Normalize the
plugin_fs_pathto remove any ".." segments. - Check that the normalized path starts with one of the allowed base paths (
PRO_PLUGINS_PATH,EXTERNAL_PLUGINS_PATH, orCORE_PLUGINS_PATH).
| @@ -574,6 +574,12 @@ | ||
|
|
||
| if plugin_fs_path and (plugin_fs_path / "ui").exists(): | ||
| # Use the filesystem path directly | ||
| tmp_page_dir = plugin_fs_path / "ui" | ||
| LOGGER.debug(f"Using filesystem path for plugin {plugin}: {tmp_page_dir}") | ||
| if plugin_fs_path: | ||
| # Normalize the path | ||
| plugin_fs_path = plugin_fs_path.resolve() | ||
|
|
||
| # Ensure the path starts with one of the allowed base paths | ||
| allowed_paths = [PRO_PLUGINS_PATH.resolve(), EXTERNAL_PLUGINS_PATH.resolve(), CORE_PLUGINS_PATH.resolve()] | ||
| if any(str(plugin_fs_path).startswith(str(base_path)) for base_path in allowed_paths) and (plugin_fs_path / "ui").exists(): | ||
| # Use the filesystem path directly | ||
| tmp_page_dir = plugin_fs_path / "ui" | ||
| LOGGER.debug(f"Using filesystem path for plugin {plugin}: {tmp_page_dir}") | ||
| else: |
| @@ -602,4 +633,8 @@ | |||
| LOGGER.exception("An error occurred while rendering the plugin page") | |||
| plugin_page = '<div class="mt-2 mb-2 alert alert-danger text-center" role="alert">An error occurred while rendering the plugin page<br/>See logs for more details</div>' | |||
|
|
|||
| # Clean up temporary directories if extracted from database | |||
| if not str(tmp_page_dir).startswith((str(EXTERNAL_PLUGINS_PATH), str(PRO_PLUGINS_PATH))): | |||
| rmtree(tmp_page_dir.parent, ignore_errors=True) | |||
Check failure
Code scanning / CodeQL
Uncontrolled data used in path expression High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the constructed file paths are validated to prevent path traversal attacks. This can be achieved by normalizing the path and ensuring it starts with one of the allowed base paths. We will use os.path.normpath to normalize the path and then check if the resulting path starts with the expected base paths.
- Normalize the
tmp_page_dirpath usingos.path.normpath. - Check if the normalized path starts with one of the allowed base paths (
EXTERNAL_PLUGINS_PATH,PRO_PLUGINS_PATH,CORE_PLUGINS_PATH). - If the path is not valid, raise an exception or handle the error appropriately.
| @@ -636,3 +636,4 @@ | ||
| # Clean up temporary directories if extracted from database | ||
| if not str(tmp_page_dir).startswith((str(EXTERNAL_PLUGINS_PATH), str(PRO_PLUGINS_PATH))): | ||
| normalized_tmp_page_dir = os.path.normpath(tmp_page_dir) | ||
| if not any(normalized_tmp_page_dir.startswith(str(base_path)) for base_path in [EXTERNAL_PLUGINS_PATH, PRO_PLUGINS_PATH, CORE_PLUGINS_PATH]): | ||
| rmtree(tmp_page_dir.parent, ignore_errors=True) |
| const scopeItem = $(`<li class="list-group-item" style="flex: 1 0;"> | ||
| <div class="ms-2 me-auto"> | ||
| ${ban.ban_scope || "global"}${ | ||
| ban.service && ban.ban_scope === "service" | ||
| ? ` (${ban.service})` | ||
| : "" | ||
| } | ||
| </div> | ||
| </li>`); |
Check warning
Code scanning / CodeQL
DOM text reinterpreted as HTML Medium
No description provided.