Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Added UI validation when creating a Webhook connector with invalid URL #70025

11 changes: 11 additions & 0 deletions x-pack/plugins/actions/server/builtin_action_types/webhook.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,17 @@ describe('config validation', () => {
});
});

test('config validation failed when a url is invalid', () => {
const config: Record<string, string> = {
url: 'example.com/do-something',
};
expect(() => {
validateConfig(actionType, config);
}).toThrowErrorMatchingInlineSnapshot(
'"error validating action type config: error configuring webhook action: unable to parse url: TypeError: Invalid URL: example.com/do-something"'
);
});

test('config validation passes when valid headers are provided', () => {
// any for testing
// eslint-disable-next-line @typescript-eslint/no-explicit-any
Expand Down
14 changes: 13 additions & 1 deletion x-pack/plugins/actions/server/builtin_action_types/webhook.ts
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,20 @@ function validateActionTypeConfig(
configurationUtilities: ActionsConfigurationUtilities,
configObject: ActionTypeConfigType
) {
let url: URL;
try {
configurationUtilities.ensureWhitelistedUri(configObject.url);
url = new URL(configObject.url);
} catch (err) {
return i18n.translate('xpack.actions.builtin.webhook.webhookConfigurationErrorNoHostname', {
defaultMessage: 'error configuring webhook action: unable to parse url: {err}',
values: {
err,
},
});
}

try {
configurationUtilities.ensureWhitelistedUri(url.toString());
} catch (whitelistError) {
return i18n.translate('xpack.actions.builtin.webhook.webhookConfigurationError', {
defaultMessage: 'error configuring webhook action: {message}',
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ describe('webhook connector validation', () => {
isPreconfigured: false,
config: {
method: 'PUT',
url: 'http:\\test',
url: 'http://test.com',
headers: { 'content-type': 'text' },
},
} as WebhookActionConnector;
Expand Down Expand Up @@ -77,6 +77,31 @@ describe('webhook connector validation', () => {
},
});
});

test('connector validation fails when url in config is not valid', () => {
const actionConnector = {
secrets: {
user: 'user',
password: 'pass',
},
id: 'test',
actionTypeId: '.webhook',
name: 'webhook',
config: {
method: 'PUT',
url: 'invalid.url',
},
} as WebhookActionConnector;

expect(actionTypeModel.validateConnector(actionConnector)).toEqual({
errors: {
url: ['URL is invalid.'],
method: [],
user: [],
password: [],
},
});
});
});

describe('webhook action params validation', () => {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ import { lazy } from 'react';
import { i18n } from '@kbn/i18n';
import { ActionTypeModel, ValidationResult } from '../../../../types';
import { WebhookActionParams, WebhookActionConnector } from '../types';
import { isValidUrl } from '../../../lib/value_validators';

export function getActionType(): ActionTypeModel<WebhookActionConnector, WebhookActionParams> {
return {
Expand Down Expand Up @@ -43,6 +44,17 @@ export function getActionType(): ActionTypeModel<WebhookActionConnector, Webhook
)
);
}
if (action.config.url && !isValidUrl(action.config.url)) {
errors.url = [
...errors.url,
i18n.translate(
'xpack.triggersActionsUI.components.builtinActionTypes.webhookAction.error.invalidUrlTextField',
{
defaultMessage: 'URL is invalid.',
}
),
];
}
if (!action.config.method) {
errors.method.push(
i18n.translate(
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -246,6 +246,7 @@ const WebhookActionConnectorFields: React.FunctionComponent<ActionConnectorField
isInvalid={errors.url.length > 0 && url !== undefined}
fullWidth
value={url || ''}
placeholder="https://<site-url> or http://<site-url>"
data-test-subj="webhookUrlText"
onChange={(e) => {
editActionConfig('url', e.target.value);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
* or more contributor license agreements. Licensed under the Elastic License;
* you may not use this file except in compliance with the Elastic License.
*/
import { throwIfAbsent, throwIfIsntContained } from './value_validators';
import { throwIfAbsent, throwIfIsntContained, isValidUrl } from './value_validators';
import uuid from 'uuid';

describe('throwIfAbsent', () => {
Expand Down Expand Up @@ -79,3 +79,17 @@ describe('throwIfIsntContained', () => {
).toEqual(values);
});
});

describe('isValidUrl', () => {
test('verifies invalid url', () => {
expect(isValidUrl('this is not a url')).toBeFalsy();
});

test('verifies valid url any protocol', () => {
expect(isValidUrl('https://www.elastic.co/')).toBeTruthy();
});

test('verifies valid url with specific protocol', () => {
expect(isValidUrl('https://www.elastic.co/', 'https:')).toBeTruthy();
});
});
Original file line number Diff line number Diff line change
Expand Up @@ -31,3 +31,15 @@ export function throwIfIsntContained<T>(
return values;
};
}

export const isValidUrl = (urlString: string, protocol?: string) => {
try {
const urlObject = new URL(urlString);
if (protocol === undefined || urlObject.protocol === protocol) {
return true;
}
return false;
} catch (err) {
return false;
}
};