Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
92a1b833
Commit
92a1b833
authored
Jan 28, 2021
by
Fernando Arias
Committed by
Phil Hughes
Jan 28, 2021
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix Vuln detail and modal when reasonPhrase is empty string
* Fix for some reports like DAST
parent
578ab1bb
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
38 additions
and
6 deletions
+38
-6
ee/app/assets/javascripts/vue_shared/security_reports/components/vulnerability_details.vue
...red/security_reports/components/vulnerability_details.vue
+5
-2
ee/app/assets/javascripts/vulnerabilities/components/details.vue
...assets/javascripts/vulnerabilities/components/details.vue
+2
-2
ee/changelogs/unreleased/298919-fix-response-fields-for-vulns.yml
...elogs/unreleased/298919-fix-response-fields-for-vulns.yml
+5
-0
ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/vulnerability_details_spec.js.snap
...mponents/__snapshots__/vulnerability_details_spec.js.snap
+12
-1
ee/spec/frontend/vulnerabilities/details_spec.js
ee/spec/frontend/vulnerabilities/details_spec.js
+14
-1
No files found.
ee/app/assets/javascripts/vue_shared/security_reports/components/vulnerability_details.vue
View file @
92a1b833
...
@@ -6,6 +6,7 @@ import CodeBlock from '~/vue_shared/components/code_block.vue';
...
@@ -6,6 +6,7 @@ import CodeBlock from '~/vue_shared/components/code_block.vue';
import
SeverityBadge
from
'
./severity_badge.vue
'
;
import
SeverityBadge
from
'
./severity_badge.vue
'
;
import
getFileLocation
from
'
../store/utils/get_file_location
'
;
import
getFileLocation
from
'
../store/utils/get_file_location
'
;
import
VulnerabilityDetail
from
'
./vulnerability_detail.vue
'
;
import
VulnerabilityDetail
from
'
./vulnerability_detail.vue
'
;
import
{
convertObjectPropsToCamelCase
}
from
'
~/lib/utils/common_utils
'
;
import
{
s__
,
sprintf
}
from
'
~/locale
'
;
import
{
s__
,
sprintf
}
from
'
~/locale
'
;
import
{
bodyWithFallBack
}
from
'
./helpers
'
;
import
{
bodyWithFallBack
}
from
'
./helpers
'
;
...
@@ -137,10 +138,12 @@ export default {
...
@@ -137,10 +138,12 @@ export default {
return
headers
.
map
(({
name
,
value
})
=>
`
${
name
}
:
${
value
}
`
).
join
(
'
\n
'
);
return
headers
.
map
(({
name
,
value
})
=>
`
${
name
}
:
${
value
}
`
).
join
(
'
\n
'
);
},
},
constructResponse
(
response
)
{
constructResponse
(
response
)
{
const
{
body
,
status_code
:
statusCode
,
reason_phrase
:
reasonPhrase
,
headers
=
[]
}
=
response
;
const
{
body
,
statusCode
,
reasonPhrase
=
''
,
headers
=
[]
}
=
convertObjectPropsToCamelCase
(
response
,
);
const
headerLines
=
this
.
getHeadersAsCodeBlockLines
(
headers
);
const
headerLines
=
this
.
getHeadersAsCodeBlockLines
(
headers
);
return
statusCode
&&
reasonPhrase
&&
headerLines
return
statusCode
&&
headerLines
?
[
`
${
statusCode
}
${
reasonPhrase
}
\n`
,
headerLines
,
'
\n\n
'
,
bodyWithFallBack
(
body
)].
join
(
''
)
?
[
`
${
statusCode
}
${
reasonPhrase
}
\n`
,
headerLines
,
'
\n\n
'
,
bodyWithFallBack
(
body
)].
join
(
''
)
:
''
;
:
''
;
},
},
...
...
ee/app/assets/javascripts/vulnerabilities/components/details.vue
View file @
92a1b833
...
@@ -144,10 +144,10 @@ export default {
...
@@ -144,10 +144,10 @@ export default {
:
''
;
:
''
;
},
},
constructResponse
(
response
)
{
constructResponse
(
response
)
{
const
{
body
,
statusCode
,
reasonPhrase
,
headers
=
[]
}
=
response
;
const
{
body
,
statusCode
,
reasonPhrase
=
''
,
headers
=
[]
}
=
response
;
const
headerLines
=
this
.
getHeadersAsCodeBlockLines
(
headers
);
const
headerLines
=
this
.
getHeadersAsCodeBlockLines
(
headers
);
return
statusCode
&&
reasonPhrase
&&
headerLines
return
statusCode
&&
headerLines
?
[
`
${
statusCode
}
${
reasonPhrase
}
\n`
,
headerLines
,
'
\n\n
'
,
bodyWithFallBack
(
body
)].
join
(
''
)
?
[
`
${
statusCode
}
${
reasonPhrase
}
\n`
,
headerLines
,
'
\n\n
'
,
bodyWithFallBack
(
body
)].
join
(
''
)
:
''
;
:
''
;
},
},
...
...
ee/changelogs/unreleased/298919-fix-response-fields-for-vulns.yml
0 → 100644
View file @
92a1b833
---
title
:
Fix Vuln detail and modal when reasonPhrase is empty string
merge_request
:
52156
author
:
type
:
fixed
ee/spec/frontend/vue_shared/security_reports/components/__snapshots__/vulnerability_details_spec.js.snap
View file @
92a1b833
...
@@ -59,7 +59,18 @@ exports[`VulnerabilityDetails component pin test renders correctly 1`] = `
...
@@ -59,7 +59,18 @@ exports[`VulnerabilityDetails component pin test renders correctly 1`] = `
<!---->
<!---->
<!---->
<vulnerability-detail-stub
label="Actual Response"
>
<code-block-stub
code="200
key1: value1
key2: value2
<Message body is not provided>"
maxheight="225px"
/>
</vulnerability-detail-stub>
<vulnerability-detail-stub
<vulnerability-detail-stub
label="File"
label="File"
...
...
ee/spec/frontend/vulnerabilities/details_spec.js
View file @
92a1b833
...
@@ -248,6 +248,12 @@ describe('Vulnerability Details', () => {
...
@@ -248,6 +248,12 @@ describe('Vulnerability Details', () => {
isCode
:
true
,
isCode
:
true
,
};
};
const
EXPECT_RESPONSE_WITHOUT_REASON_PHRASE
=
{
label
:
'
Actual response:
'
,
content
:
'
500
\n
Name1: Value1
\n
Name2: Value2
\n\n
[{"user_id":1,}]
'
,
isCode
:
true
,
};
const
EXPECT_RESPONSE_WITHOUT_BODY
=
{
const
EXPECT_RESPONSE_WITHOUT_BODY
=
{
label
:
'
Actual response:
'
,
label
:
'
Actual response:
'
,
content
:
content
:
...
@@ -261,6 +267,12 @@ describe('Vulnerability Details', () => {
...
@@ -261,6 +267,12 @@ describe('Vulnerability Details', () => {
isCode
:
true
,
isCode
:
true
,
};
};
const
EXPECT_RECORDED_RESPONSE_WITHOUT_REASON_PHRASE
=
{
label
:
'
Unmodified response:
'
,
content
:
'
200
\n
Name1: Value1
\n
Name2: Value2
\n\n
[{"user_id":1,}]
'
,
isCode
:
true
,
};
const
EXPECT_RECORDED_RESPONSE_WITHOUT_BODY
=
{
const
EXPECT_RECORDED_RESPONSE_WITHOUT_BODY
=
{
label
:
'
Unmodified response:
'
,
label
:
'
Unmodified response:
'
,
content
:
'
200 OK
\n
Name1: Value1
\n
Name2: Value2
\n\n
<Message body is not provided>
'
,
content
:
'
200 OK
\n
Name1: Value1
\n
Name2: Value2
\n\n
<Message body is not provided>
'
,
...
@@ -305,7 +317,7 @@ describe('Vulnerability Details', () => {
...
@@ -305,7 +317,7 @@ describe('Vulnerability Details', () => {
${{}}
|
$
{
null
}
${{}}
|
$
{
null
}
${{
headers
:
TEST_HEADERS
}
} |
${
null
}
${{
headers
:
TEST_HEADERS
}
} |
${
null
}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
}
} |
${
null
}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
}
} |
${
null
}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
500
'
}
} |
${
null
}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
500
'
}
} |
${
[
EXPECT_RESPONSE_WITHOUT_REASON_PHRASE
]
}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
500
'
,
reasonPhrase
:
'
INTERNAL SERVER ERROR
'
}
} |
${[
EXPECT_RESPONSE
]}
${{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
500
'
,
reasonPhrase
:
'
INTERNAL SERVER ERROR
'
}
} |
${[
EXPECT_RESPONSE
]}
${{
headers
:
TEST_HEADERS
,
body
:
''
,
statusCode
:
'
500
'
,
reasonPhrase
:
'
INTERNAL SERVER ERROR
'
}
} |
${[
EXPECT_RESPONSE_WITHOUT_BODY
]}
${{
headers
:
TEST_HEADERS
,
body
:
''
,
statusCode
:
'
500
'
,
reasonPhrase
:
'
INTERNAL SERVER ERROR
'
}
} |
${[
EXPECT_RESPONSE_WITHOUT_BODY
]}
`
(
'
shows response data for $response
'
,
({
response
,
expectedData
})
=>
{
`
(
'
shows response data for $response
'
,
({
response
,
expectedData
})
=>
{
...
@@ -323,6 +335,7 @@ describe('Vulnerability Details', () => {
...
@@ -323,6 +335,7 @@ describe('Vulnerability Details', () => {
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
}
}]}
|
$
{
null
}
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
}
}]}
|
$
{
null
}
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
status_code
:
'
200
'
}
}]}
|
$
{
null
}
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
status_code
:
'
200
'
}
}]}
|
$
{
null
}
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
status_code
:
'
200
'
,
reason_phrase
:
'
OK
'
}
}]}
|
$
{
null
}
${[{},
{
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
status_code
:
'
200
'
,
reason_phrase
:
'
OK
'
}
}]}
|
$
{
null
}
${[{},
{
name
:
SUPPORTING_MESSAGE_TYPES
.
RECORDED
,
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
200
'
}
}]}
|
$
{[
EXPECT_RECORDED_RESPONSE_WITHOUT_REASON_PHRASE
]}
${[{},
{
name
:
SUPPORTING_MESSAGE_TYPES
.
RECORDED
,
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
200
'
,
reasonPhrase
:
'
OK
'
}
}]}
|
$
{[
EXPECT_RECORDED_RESPONSE
]}
${[{},
{
name
:
SUPPORTING_MESSAGE_TYPES
.
RECORDED
,
response
:
{
headers
:
TEST_HEADERS
,
body
:
'
[{"user_id":1,}]
'
,
statusCode
:
'
200
'
,
reasonPhrase
:
'
OK
'
}
}]}
|
$
{[
EXPECT_RECORDED_RESPONSE
]}
${[{},
{
name
:
SUPPORTING_MESSAGE_TYPES
.
RECORDED
,
response
:
{
headers
:
TEST_HEADERS
,
body
:
''
,
statusCode
:
'
200
'
,
reasonPhrase
:
'
OK
'
}
}]}
|
$
{[
EXPECT_RECORDED_RESPONSE_WITHOUT_BODY
]}
${[{},
{
name
:
SUPPORTING_MESSAGE_TYPES
.
RECORDED
,
response
:
{
headers
:
TEST_HEADERS
,
body
:
''
,
statusCode
:
'
200
'
,
reasonPhrase
:
'
OK
'
}
}]}
|
$
{[
EXPECT_RECORDED_RESPONSE_WITHOUT_BODY
]}
`
(
'
shows response data for $supporting_messages
'
,
({
supportingMessages
,
expectedData
})
=>
{
`
(
'
shows response data for $supporting_messages
'
,
({
supportingMessages
,
expectedData
})
=>
{
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment