From 743db96f989f910837f6948e5e5272b2cd5006b5 Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Wed, 1 May 2024 07:49:06 -0700 Subject: [PATCH 1/7] MAT-6216 Add featureflag for test case tab numbers --- src/Store/featureFlagStore.ts | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/Store/featureFlagStore.ts b/src/Store/featureFlagStore.ts index e9a255e..85e33ce 100644 --- a/src/Store/featureFlagStore.ts +++ b/src/Store/featureFlagStore.ts @@ -15,6 +15,7 @@ export interface FeatureFlags { testCaseExport: boolean; qdmCodeSearch: boolean; QDMValueSetSearch: boolean; + testTabNumber: boolean; } const initialState: FeatureFlags = { includeSDEValues: false, @@ -26,8 +27,9 @@ const initialState: FeatureFlags = { generateCMSID: false, manifestExpansion: false, testCaseExport: false, - qdmCodeSearch: false, + qdmCodeSearch: true, QDMValueSetSearch: false, + testTabNumber: false, }; let state: FeatureFlags | null = initialState; From 447ff5cceac50e957246098ea1b0681e6929019e Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Wed, 1 May 2024 08:36:49 -0700 Subject: [PATCH 2/7] undo a flag flip --- src/Store/featureFlagStore.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Store/featureFlagStore.ts b/src/Store/featureFlagStore.ts index 85e33ce..d4d00a7 100644 --- a/src/Store/featureFlagStore.ts +++ b/src/Store/featureFlagStore.ts @@ -27,7 +27,7 @@ const initialState: FeatureFlags = { generateCMSID: false, manifestExpansion: false, testCaseExport: false, - qdmCodeSearch: true, + qdmCodeSearch: false, QDMValueSetSearch: false, testTabNumber: false, }; From d46c88f0b1420c11e30f4f200ef922b18afc2b57 Mon Sep 17 00:00:00 2001 From: Ethan Kaplan <47760891+ethankaplan@users.noreply.github.com> Date: Fri, 14 Jun 2024 11:12:14 -0700 Subject: [PATCH 3/7] What the heck --- src/Store/featureFlagStore.ts | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/Store/featureFlagStore.ts b/src/Store/featureFlagStore.ts index d4d00a7..e9a255e 100644 --- a/src/Store/featureFlagStore.ts +++ b/src/Store/featureFlagStore.ts @@ -15,7 +15,6 @@ export interface FeatureFlags { testCaseExport: boolean; qdmCodeSearch: boolean; QDMValueSetSearch: boolean; - testTabNumber: boolean; } const initialState: FeatureFlags = { includeSDEValues: false, @@ -29,7 +28,6 @@ const initialState: FeatureFlags = { testCaseExport: false, qdmCodeSearch: false, QDMValueSetSearch: false, - testTabNumber: false, }; let state: FeatureFlags | null = initialState; From 906ef3b496f6ee71b4fb5d1ec1de56231a046701 Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Fri, 14 Jun 2024 11:13:00 -0700 Subject: [PATCH 4/7] MAT-7204 Add intercept --- package-lock.json | 11 +++++++++++ package.json | 7 ++++--- src/Store/featureFlagStore.ts | 2 -- src/madie-madie-util.tsx | 2 ++ src/util/wafIntercept.ts | 28 ++++++++++++++++++++++++++++ 5 files changed, 45 insertions(+), 5 deletions(-) create mode 100644 src/util/wafIntercept.ts diff --git a/package-lock.json b/package-lock.json index 40d8f24..22fe74f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -8,6 +8,7 @@ "dependencies": { "@madie/madie-models": "^1.3.11", "axios": "^1.6.7", + "dompurify": "^3.1.5", "react": "^17.0.2", "react-dom": "^17.0.2", "rxjs": "^7.5.5", @@ -5368,6 +5369,11 @@ "url": "https://github.com/fb55/domhandler?sponsor=1" } }, + "node_modules/dompurify": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.1.5.tgz", + "integrity": "sha512-lwG+n5h8QNpxtyrJW/gJWckL+1/DQiYMX8f7t8Z2AZTPw1esVrqjI63i7Zc2Gz0aKzLVMYC1V1PL/ky+aY/NgA==" + }, "node_modules/domutils": { "version": "2.8.0", "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", @@ -17939,6 +17945,11 @@ "domelementtype": "^2.2.0" } }, + "dompurify": { + "version": "3.1.5", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.1.5.tgz", + "integrity": "sha512-lwG+n5h8QNpxtyrJW/gJWckL+1/DQiYMX8f7t8Z2AZTPw1esVrqjI63i7Zc2Gz0aKzLVMYC1V1PL/ky+aY/NgA==" + }, "domutils": { "version": "2.8.0", "resolved": "https://registry.npmjs.org/domutils/-/domutils-2.8.0.tgz", diff --git a/package.json b/package.json index 19bcdd0..f8aa866 100644 --- a/package.json +++ b/package.json @@ -25,11 +25,11 @@ "@babel/runtime": "^7.15.3", "@testing-library/jest-dom": "^5.14.1", "@testing-library/react": "^12.0.0", - "@types/testing-library__jest-dom": "^5.14.1", "@types/jest": "^27.0.1", "@types/react": "^17.0.19", "@types/react-dom": "^17.0.9", "@types/systemjs": "^6.1.1", + "@types/testing-library__jest-dom": "^5.14.1", "@types/webpack-env": "^1.16.2", "babel-jest": "^27.0.6", "babel-plugin-macros": "^3.1.0", @@ -57,14 +57,15 @@ }, "dependencies": { "@madie/madie-models": "^1.3.11", + "axios": "^1.6.7", + "dompurify": "^3.1.5", "react": "^17.0.2", "react-dom": "^17.0.2", "rxjs": "^7.5.5", "single-spa": "^5.9.3", "single-spa-react": "^4.3.1", "styled-components": "^5.3.5", - "twin.macro": "^2.8.2", - "axios": "^1.6.7" + "twin.macro": "^2.8.2" }, "types": "dist/madie-madie-util.d.ts", "overrides": { diff --git a/src/Store/featureFlagStore.ts b/src/Store/featureFlagStore.ts index d4d00a7..e9a255e 100644 --- a/src/Store/featureFlagStore.ts +++ b/src/Store/featureFlagStore.ts @@ -15,7 +15,6 @@ export interface FeatureFlags { testCaseExport: boolean; qdmCodeSearch: boolean; QDMValueSetSearch: boolean; - testTabNumber: boolean; } const initialState: FeatureFlags = { includeSDEValues: false, @@ -29,7 +28,6 @@ const initialState: FeatureFlags = { testCaseExport: false, qdmCodeSearch: false, QDMValueSetSearch: false, - testTabNumber: false, }; let state: FeatureFlags | null = initialState; diff --git a/src/madie-madie-util.tsx b/src/madie-madie-util.tsx index c2ba49c..46b434f 100644 --- a/src/madie-madie-util.tsx +++ b/src/madie-madie-util.tsx @@ -9,6 +9,7 @@ import { getServiceConfig } from "./Config/Config"; import { default as useKeyPress } from "./hooks/useKeyPress"; import { default as useOktaTokens } from "./hooks/useOktaTokens"; import { default as useOnClickOutside } from "./hooks/useOnClickOutside"; +import { default as wafIntercept } from "./util/wafIntercept"; import { measureStore } from "./Store/measureStore"; import { cqlLibraryStore } from "./Store/cqlLibraryStore"; import { routeHandlerStore } from "./Store/routeHandlerStore"; @@ -37,4 +38,5 @@ export { checkUserCanDelete, useFeatureFlags, getOidFromString, + wafIntercept, }; diff --git a/src/util/wafIntercept.ts b/src/util/wafIntercept.ts new file mode 100644 index 0000000..032d7b9 --- /dev/null +++ b/src/util/wafIntercept.ts @@ -0,0 +1,28 @@ +import axios from "axios"; +import DOMPurify from "dompurify"; + +const wafIntercept = () => + axios.interceptors.response.use( + (response) => { + return response; + }, + (error) => { + // Check for WAF block + if ( + error?.response?.status === 403 && + error?.response?.headers["content-type"].includes("text/html") && + JSON.stringify(error.response.data).includes("soc@hcqis.org") + ) { + // eslint-disable-next-line no-console + console.log("WAF Interceptor Triggered"); + + const supportID = error.response.data.includes("ID:") + ? error.response.data.split("ID:")[1].split("
")[0].trim() + : ""; + const body = error.response.data.split("")[1].split("
")[0]; + throw new Error(DOMPurify.sanitize(body, { ALLOWED_TAGS: [] })); // no tags allowed, removes all HTML tags. + } + return Promise.reject(error); + } + ); +export default wafIntercept; From c94f207810d6a0ca08006b3c44d5a334c3e5210c Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Fri, 14 Jun 2024 11:16:50 -0700 Subject: [PATCH 5/7] MAT-7204 npm audit fix --- package-lock.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index 22fe74f..97402fc 100644 --- a/package-lock.json +++ b/package-lock.json @@ -4228,11 +4228,11 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -6369,9 +6369,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dependencies": { "to-regex-range": "^5.0.1" }, @@ -17098,11 +17098,11 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" } }, "browser-process-hrtime": { @@ -18711,9 +18711,9 @@ } }, "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "requires": { "to-regex-range": "^5.0.1" } From 7906e26ba318b22cb60fb418e7e8064efeb1ea6e Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Mon, 17 Jun 2024 07:47:57 -0700 Subject: [PATCH 6/7] MAT-7204 add event trigger --- src/util/wafIntercept.ts | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/src/util/wafIntercept.ts b/src/util/wafIntercept.ts index 032d7b9..40a3e98 100644 --- a/src/util/wafIntercept.ts +++ b/src/util/wafIntercept.ts @@ -20,8 +20,15 @@ const wafIntercept = () => ? error.response.data.split("ID:")[1].split("
")[0].trim() : ""; const body = error.response.data.split("")[1].split("
")[0]; - throw new Error(DOMPurify.sanitize(body, { ALLOWED_TAGS: [] })); // no tags allowed, removes all HTML tags. + const purifiedBody = DOMPurify.sanitize(body, { ALLOWED_TAGS: [] }); + + const wafEvent = new CustomEvent("wafReject", { + detail: { message: purifiedBody }, + }); + document.dispatchEvent(wafEvent); + throw new Error(purifiedBody); // no tags allowed, removes all HTML tags. } + return Promise.reject(error); } ); From 99827879b00b388cd621d1d98453b093a4b15f0d Mon Sep 17 00:00:00 2001 From: Ethan Kaplan Date: Mon, 17 Jun 2024 07:50:03 -0700 Subject: [PATCH 7/7] MAT-7204 add support id to the event --- src/util/wafIntercept.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/util/wafIntercept.ts b/src/util/wafIntercept.ts index 40a3e98..18ef7c6 100644 --- a/src/util/wafIntercept.ts +++ b/src/util/wafIntercept.ts @@ -23,7 +23,7 @@ const wafIntercept = () => const purifiedBody = DOMPurify.sanitize(body, { ALLOWED_TAGS: [] }); const wafEvent = new CustomEvent("wafReject", { - detail: { message: purifiedBody }, + detail: { message: purifiedBody, supportId: supportID }, }); document.dispatchEvent(wafEvent); throw new Error(purifiedBody); // no tags allowed, removes all HTML tags.