- forms are now dynamically pulled onclick
- performance greatly enhanced
- solves the issues with the CSRF protection kicking in if the user edits a field after using the back button
- users can now edit all fields in an attribute whilst on the event page
- issues left to fix:
- tag changes after an attribute change run into CSRF protection
- batch add not handled gracefully yet
- going back to the event view and editing a field gives users an error message over the CSRF protection - instead, silently check if the page is loaded in a dirty way and refresh the ajax fields silently
- quickadd of attributes still missing
- Users can now elect to receive their attribute search results in the new alternative view
- instead of receiving a list of attributes matching the search options, users are presented with a list of events that contain matching attributes
- number of matches and a percentage of those matches being marked as indicators for IDSes are shown
- the events are ordered by the percentage of IDS worthy attribute
- A colon in the tag search tag will render the tag search invalid. Since colons are commonly used in tag names, this poses an issue - users should use a semi-colon instead, which gets automatically converted to a colon.
- Threatconnect import now allows any valid threatconnect csv file to be imported as long as type, value, confidence, description and source are included
- xml version now included in the xml exports
- MISP will now check the xml version on all imports related to sync / add MISP XML and try to update the incoming info if it detects an older version
- exports now take tag names as a parameter (affected exports: XML, text, HIDS, NIDS)
- eventtags now correctly get removed when an event is deleted
- cleaned up the methods, they all now return results without debug mode enabled
- Added a verification method for all user GPG keys (as an expired key for example would send out empty messages)
- authorization key should be sent through headers.
- passing it in the url is deprecated
- updated automation page to reflect the changes
- csv export now has headers
- you can now upload a certificate file and allow a server link to use a provided self signed certificate. This should solve the issues that some organisations are having when trying to connect their instances
Also, more work on the background jobs
- started work on publishing
- started making the background jobs an optional setting in bootstrap
Conflicts:
app/Controller/AppController.php
app/Controller/EventsController.php
Some small travins changes too.
FYI there's an automated travis build available at
https://travis-ci.org/MISP/MISP
We don't have unit testing and travis setup is subpar so everything will fail
for now.
- users can now download attachments using the APIkey
- security issue fixed where a user could download attachments that he/she can't even see by navigating to attributes/download/<attribute_id>
- users can search RESTfully for attributes based on various filtering mechanisms and get either an event that includes the located attribute(s) or just an array of attributes returned.
- users can also request all attributes of a (or several) types and get them returned as an XML
- GFI import issue fixed with attribute ID 1 not existing causing the
import to fail for several attributes
- GFI import change: registry keys with binary value are now artifacts
dropped instead of persistance mechanism
- GFI import change: files with size of 0 will be omitted
- file attachment download change: moved away from the deprecated media
view in favour of cakeresponse->file()
iglocska