Jakub Onderka
cb41c4ad92
chg: [internal] Move AUTOMATION_ARRAY definition to IndexFilterComponent
2022-09-22 14:48:50 +02:00
Sami Mokaddem
43db6f02ff
chg: [periodic_notification] Small UI improvements
2022-09-12 14:19:50 +02:00
Raphaël Vinot
25e9684297
chgL [PyMISP] Bump
2022-09-09 14:01:20 +02:00
Sami Mokaddem
0d4aa566fc
chg: [appController] Bumped queryversion
2022-08-24 09:55:13 +02:00
iglocska
c764bb0e8f
Merge branch 'log_last_api' into develop
2022-08-11 09:36:30 +02:00
Raphaël Vinot
412dcd7b10
chg: [PyMISP] Bump version
2022-08-04 18:06:16 +02:00
Tom King
de351faaac
new: [internal] Add option to log last API request
2022-08-01 15:02:49 +01:00
Luciano Righetti
e53b10d18b
chg: refactor so can be re-used
2022-07-20 16:11:49 +02:00
Sami Mokaddem
6f9d9a20d4
new: [event-report] Added support of mermaid
2022-07-13 11:41:31 +02:00
Sami Mokaddem
3fe30cdb48
chg: [appController] Bump query version
2022-07-12 14:20:26 +02:00
Jakub Onderka
27ff97a3a3
chg: [internal] restSearch cleanup
2022-06-30 13:35:29 +02:00
Jakub Onderka
83190f31c2
Merge pull request #8452 from JakubOnderka/restSearchExport-description
...
chg: [UI] Event export description
2022-06-30 10:10:06 +02:00
Jakub Onderka
640a732c29
Merge pull request #8358 from JakubOnderka/memory-leak-fix
...
fix: [internal] PHP memory leak
2022-06-29 13:32:26 +02:00
Jakub Onderka
2964335f04
chg: [UI] Event export description
2022-06-16 09:19:53 +02:00
Raphaël Vinot
b1a5979fcb
chg: [PyMISP] Bump
2022-05-30 11:05:41 +02:00
Jakub Onderka
6c84e7deb9
chg: [internal] Use `BetterCakeEventManager` for AppController
2022-05-22 18:20:15 +02:00
Jakub Onderka
e75b706de9
chg: [internal] Show event tags closes sessions soon
2022-05-22 15:40:13 +02:00
Luciano Righetti
217be89e00
new: add MysqlExtended DboSource to support index query hints
2022-05-19 11:08:31 +02:00
Jakub Onderka
2f7c671adb
new: [internal] Simplify checking if connection is MySQL/MariaDB
2022-05-14 10:17:06 +02:00
Jakub Onderka
e86a02e7c6
chg: [UI] Fetch job progress in one query
2022-05-13 19:17:27 +02:00
Sami Mokaddem
2dfee9f445
fix: [event-graph] Event timeline shortcut do not override the ones from the eventgraph anymore
2022-05-10 15:36:46 +02:00
Jakub Onderka
2294232442
fix: [internal] Strict types
2022-05-07 10:40:41 +02:00
Sami Mokaddem
c4f7a6e4f0
new: [clusters:attachMultipleClusters] Allow mirroring attribute clusters to events
...
Added a new checkbox while picking tags to also tag the event with the tags to be attached to the attribute.
2022-04-26 12:27:17 +02:00
iglocska
be9fb9e802
Merge branch 'develop' of github.com:MISP/MISP into develop
2022-04-19 15:18:40 +02:00
iglocska
bb3b7a7e91
fix: [security] stored XSS fixed in event graph
...
- unsanitised javascript insertion of tag name in the filters
- as reported by Dawid Czarnecki of Zigrin Security on behalf of the Luxembourg Army
2022-04-18 00:49:21 +02:00
Jakub Onderka
ff55803a17
fix: [internal] User model can be null
2022-04-10 15:08:52 +02:00
Jakub Onderka
2b61648184
new: [internal] Proper method for json decoding in controller
2022-04-10 09:50:12 +02:00
Sami Mokaddem
57b62dc511
chg: [events:index] Usage of UUIDfor restSearchExport feature
2022-03-31 15:27:06 +02:00
Sami Mokaddem
8afcc6552b
chg: [events:index] Usage of UUIDfor restSearchExport feature
2022-03-31 15:25:07 +02:00
Raphaël Vinot
7650f2d003
chg: [PyMISP] Bump version
2022-03-24 15:32:06 +01:00
iglocska
bd047201a6
fix: [publish] button missing for users, fixes #8233
2022-03-21 17:08:03 +01:00
iglocska
ff9cd40221
chg: [queryversion] bumped
2022-03-17 16:12:13 +01:00
Raphaël Vinot
cbc7361f40
chg: [PyMISP] BUmp version
2022-03-03 15:13:22 +01:00
Jakub Onderka
e1774abe80
new: [oidc] Check user validity
2022-02-19 16:07:10 +01:00
iglocska
c282ea8063
fix: [language] fix (exception text)
2022-02-04 16:25:20 +01:00
Sami Mokaddem
a6dd8572ac
chg: [js:markdown-it] Update markdown-it library from version 11.0.0 to version 12.3.2
2022-01-18 15:04:53 +01:00
Sami Mokaddem
2d5d16431a
fix: [appController:loginByAuthkey] Skip authentication with basic authorization
...
Fix #7576 .
Basic Auth might happen for some setup where the authentication is performed by another component such as LDAP.
For these cases, the Authorization header is present and contains the Basic Auth data used by the authentication plugin. Before this patch, MISP failed to resolve the API key to a user and threw a 403. This was because MISP detected the presence of the Authorization header which triggered an authentication by Authkey that would always fail as the content is not a valid API key.
2022-01-18 14:28:09 +01:00
Jakub Onderka
50d284b643
Merge pull request #7986 from JakubOnderka/better-security
...
chg: [internal] Do not modify session when not necessary
2021-12-30 14:40:01 +01:00
Raphaël Vinot
df84346bb2
chg: [PyMISP] Bump version
2021-12-22 11:14:21 +01:00
Sami Mokaddem
5cdc0cc7a7
chg: [app] Bumped query version
2021-12-17 11:38:34 +01:00
Sami Mokaddem
8cf2914142
new: [event-timeline] Support of image attachments
2021-12-08 12:14:13 +01:00
Luciano Righetti
ed85319d7b
fix: typos, bump js version
2021-12-06 16:20:51 +01:00
iglocska
72548fd9a4
fix: [UI] Ajax forms lose persistence
...
- generic Form builder now has the persistence baked in
- capture all form fields' data before submiting as expected
2021-12-02 14:03:20 +01:00
Jakub Onderka
cb41232777
chg: [internal] Remove useless session closing
2021-11-25 12:01:48 +01:00
Jakub Onderka
b100377a73
chg: [internal] Do not modify session when not necessary
2021-11-25 11:58:32 +01:00
Jakub Onderka
d20795b08c
fix: [internal] Old style view class
2021-11-22 09:58:24 +01:00
Jakub Onderka
41db04ad47
chg: [internal] Avoid calling unnecessary method
2021-11-22 09:58:23 +01:00
Jakub Onderka
5aa1e0cb3b
chg: [internal] Element file cache
2021-11-22 09:58:23 +01:00
Jakub Onderka
e2a0644111
chg: [internal] Move some checks to beforeRender method
2021-11-22 09:58:23 +01:00
Raphaël Vinot
94519efb17
chg: Bump PyMISP
2021-11-19 01:55:58 -08:00