Without this patch, when the user is not a site admin, 'Not cached' is shown for all feeds, which is not true. It also generates a lot of warnings in the debug log.
- added the ability to select an orgc ID for CSV/freetext feeds
- all events created from this feed will carry the selected orgc_id
- Refactored the index fully
- using the factories
- better warnings against the dangerous new feed each pull setting
- event index search added
- several settings cleaned up / made more clear
- auto reload of default feed configuration disabled, fixes #2542, fixes #5789
- added a button / endpoint to handle that instead to allow for the deleted default feeds to stay deleted
- By adding local feeds, a malicious administrator could point MISP to ingest configuration files that the apache user has access to
- This includes some more sensitive files (database.php / config.php / .gnupg data)
- Whilst this is currently not leading to an exploitable vulnerability as the current implementation wouldn't trigger on the values,
having a setting to disable this will become much more interesting once we have a system in place for custom feed parsers
- The setting can only be enabled/disabled via the CLI
- As reported by Matthias Weckbecker
- fixed error during update Job date_modified field (SQLSTATE[22008]:
Datetime field overflow: 7 ERROR: date/time field value out of range)
- fixed error during fetching events while updating from feeds (
SQLSTATE[42P01]: Undefined table: 7 ERROR: missing FROM-clause entry for
table events)
- fixed Feed edit view with wrong boolean forms (combobox instead of
checkbox)
There is still much work to be done. But we are on the road.
Ideally, and in order to avoid code duplicates, we should have some utility functions to generate a proper and accessible yes/no icon, an accessible icon link, etc. This would prevent the code from being filled with "aria-label" tags, since the "title" and "aria-label" properties are nearly always the same.