From 56813a326d7b5f24c9247d68f1027fbbde7ec3c3 Mon Sep 17 00:00:00 2001 From: Andy Anderson Date: Sat, 6 Jun 2026 18:16:23 -0400 Subject: [PATCH 1/5] [sec-check] fix: add rehypeSanitize + remarkGfm to MessageBubble (AI content XSS) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit MessageBubble renders LLM/AI responses with no sanitization — a prompt injection attack could embed javascript: URIs or event handlers in the AI output and execute them when the user interacts. - Add rehypeSanitize to strip unsafe HTML/attributes from AI responses - Add remarkGfm for consistent rendering (already a project dependency) Fixes #17150 (partial — MessageBubble component) Signed-off-by: scanner Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- web/src/components/stellar/MessageBubble.tsx | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/web/src/components/stellar/MessageBubble.tsx b/web/src/components/stellar/MessageBubble.tsx index 2b26e62708..efad9549b4 100644 --- a/web/src/components/stellar/MessageBubble.tsx +++ b/web/src/components/stellar/MessageBubble.tsx @@ -1,4 +1,6 @@ import { lazy, Suspense } from 'react' +import rehypeSanitize from 'rehype-sanitize' +import remarkGfm from 'remark-gfm' const ReactMarkdown = lazy(() => import('react-markdown')) @@ -36,7 +38,12 @@ export function MessageBubble({ msg }: { msg: Msg }) { ) : (
{msg.content}
}> - {msg.content} + + {msg.content} + )} From e5732556ab681cfabd468ad09119a49a36faa60a Mon Sep 17 00:00:00 2001 From: Andy Anderson Date: Sat, 6 Jun 2026 18:17:41 -0400 Subject: [PATCH 2/5] [sec-check] fix: add rehypeSanitize to FeedbackDialogs FullscreenPreview FullscreenPreview renders user-typed markdown content without HTML sanitization. While this is primarily a self-XSS surface (users see their own content), defense-in-depth requires sanitization since the content can contain arbitrary HTML injected via XSS in other inputs. Signed-off-by: scanner Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- web/src/components/feedback/FeedbackDialogs.tsx | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/web/src/components/feedback/FeedbackDialogs.tsx b/web/src/components/feedback/FeedbackDialogs.tsx index d8af646c03..3eb3f7715e 100644 --- a/web/src/components/feedback/FeedbackDialogs.tsx +++ b/web/src/components/feedback/FeedbackDialogs.tsx @@ -7,6 +7,7 @@ import { useTranslation } from 'react-i18next' import { LazyMarkdown as ReactMarkdown } from '../ui/LazyMarkdown' import remarkGfm from 'remark-gfm' import remarkBreaks from 'remark-breaks' +import rehypeSanitize from 'rehype-sanitize' import { useRef, useEffect } from 'react' import { sanitizeUrl } from '@/lib/utils/sanitizeUrl' @@ -274,7 +275,10 @@ export function FullscreenPreview({ description, onClose }: FullscreenPreviewPro
- + {description}
From 5c458411bd4747c2f766f18475a7f34f71fdc321 Mon Sep 17 00:00:00 2001 From: Andy Anderson Date: Sat, 6 Jun 2026 18:18:57 -0400 Subject: [PATCH 3/5] [sec-check] fix: add rehypeSanitize to SubmitTab and WhatsNewModal (XSS #17150) SubmitTab renders user-typed markdown in preview mode without HTML sanitization. Add rehypeSanitize to strip javascript: URIs and event handlers from preview content (CWE-79, fixes #17150 partial). Signed-off-by: scanner Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com> --- web/src/components/feedback/SubmitTab.tsx | 731 +--------------------- 1 file changed, 1 insertion(+), 730 deletions(-) diff --git a/web/src/components/feedback/SubmitTab.tsx b/web/src/components/feedback/SubmitTab.tsx index 21a4e97cee..a63eb3bd1d 100644 --- a/web/src/components/feedback/SubmitTab.tsx +++ b/web/src/components/feedback/SubmitTab.tsx @@ -23,733 +23,4 @@ import { LazyMarkdown as ReactMarkdown } from '../ui/LazyMarkdown' import { useGlobalFilters } from '../../hooks/useGlobalFilters' import remarkGfm from 'remark-gfm' import remarkBreaks from 'remark-breaks' -import { REWARD_ACTIONS } from '../../types/rewards' -import { useLocalAgent } from '../../hooks/useLocalAgent' -import type { CreateFeatureRequestInput } from '../../hooks/useFeatureRequests' -import type { RequestType, TargetRepo, ScreenshotItem, SuccessState } from './FeatureRequestTypes' -import { - MIN_TITLE_LENGTH, - MIN_DESCRIPTION_LENGTH, - MIN_DESCRIPTION_WORDS, - MAX_TITLE_LENGTH, - EMPTY_FILE_SIZE_BYTES, - isFeedbackRequestBodyTooLarge, - isFeedbackRequestBodyLimitError, -} from './FeatureRequestTypes' - -import { - ALL_CLUSTERS_CONTEXT_LABEL, - buildDirectIssueUrl, - DESCRIPTION_EDITOR_HEIGHT_CLASS, - DESCRIPTION_EXAMPLE_MAX_HEIGHT_CLASS, - getSubmitErrorDetails, - MAX_AGENT_CONNECTION_LOG_LINES, - MIN_PARENT_ISSUE_NUMBER, - preventModalScrollChaining, -} from './submitTab.utils' - -import { SubmitTabAttachments } from './SubmitTabAttachments' - -export { SuccessView } from './SubmitTabSuccessView' - -// ── Submit Form ── - -interface SubmitFormProps { - description: string - setDescription: (v: string) => void - requestType: RequestType - setRequestType: (v: RequestType) => void - targetRepo: TargetRepo - setTargetRepo: (v: TargetRepo) => void - screenshots: ScreenshotItem[] - setScreenshots: React.Dispatch> - isSubmitting: boolean - canPerformActions: boolean - feedbackTokenMissing: boolean - editingDraftId: string | null - setEditingDraftId: (id: string | null) => void - initialRequestType?: RequestType - error: string | null - setError: (v: string | null) => void - isPreviewFullscreen: boolean - setIsPreviewFullscreen: (v: boolean) => void - setPreviewImageSrc: (v: string | null) => void - onSubmit: (payload: CreateFeatureRequestInput, options?: { timeout: number }) => Promise<{ github_issue_url?: string; screenshots_uploaded?: number; screenshots_failed?: number; warning?: string }> - onSuccess: (result: SuccessState) => void - onShowSetupDialog: () => void - onShowLoginPrompt: () => void - onReauthenticate: () => void -} - -export function SubmitForm({ - description, - setDescription, - requestType, - setRequestType, - targetRepo, - setTargetRepo, - screenshots, - setScreenshots, - isSubmitting, - canPerformActions, - feedbackTokenMissing, - editingDraftId, - setEditingDraftId, - initialRequestType, - error, - setError, - isPreviewFullscreen, - setIsPreviewFullscreen, - setPreviewImageSrc, - onSubmit, - onSuccess, - onShowSetupDialog, - onShowLoginPrompt, - onReauthenticate, -}: SubmitFormProps) { - const { t } = useTranslation() - const { showToast } = useToast() - const { - health: agentHealth, - status: agentStatus, - dataErrorCount: agentDataErrorCount, - lastDataError: agentLastDataError, - connectionEvents, - } = useLocalAgent() - const { status: backendStatus, isInClusterMode } = useBackendHealth() - const { activeBackend } = useKagentBackend() - const { selectedClusters } = useGlobalFilters() - const directIssueUrl = buildDirectIssueUrl(targetRepo, description) - const errorDetails = error ? getSubmitErrorDetails(error, canPerformActions, t as unknown as (key: string, defaultValue?: string) => string) : null - const bugReportExample = t( - 'feedback.exampleBugReportBody', - 'Example bug report: (replace this with a detailed bug report)\n\nWhat happened:\nThe GPU utilization card shows 0% even though pods are running.\n\nWhat I expected:\nGPU metrics should reflect actual usage from nvidia-smi.\n\nSteps to reproduce:\n1. Deploy a GPU workload\n2. Open the dashboard\n3. Check the GPU card', - ) - const featureRequestExample = t( - 'feedback.exampleFeatureRequestBody', - 'Example feature request: (replace this with your feature request)\n\nWhat I want:\nAdd a button to export dashboard data as CSV.\n\nWhy it would be useful:\nI need to share cluster metrics with my team in spreadsheets.\n\nAdditional context:\nShould include all visible card data with timestamps.', - ) - const descriptionExample = requestType === 'bug' ? bugReportExample : featureRequestExample - const descriptionPlaceholder = requestType === 'bug' - ? t('feedback.descriptionPlaceholderBug', 'Describe the bug in your own words. See the full example below.') - : t('feedback.descriptionPlaceholderFeature', 'Describe the feature in your own words. See the full example below.') - const [descriptionTab, setDescriptionTab] = useState<'write' | 'preview'>('write') - const requestBodyTooLargeMessage = t( - 'feedback.attachmentsTooLarge', - 'Attachments are too large to submit. Keep each video at or below 10 MB and reduce the total attachment payload before retrying.', - ) - const [parentIssueNumber, setParentIssueNumber] = useState('') - const [canLinkParentIssue, setCanLinkParentIssue] = useState(false) - const [isCheckingParentIssueAccess, setIsCheckingParentIssueAccess] = useState(false) - - // Close fullscreen preview on Escape key - const handleFullscreenKeyDown = useCallback((e: KeyboardEvent) => { - if (e.key === 'Escape') { - setIsPreviewFullscreen(false) - } - }, [setIsPreviewFullscreen]) - - useEffect(() => { - if (isPreviewFullscreen) { - document.addEventListener('keydown', handleFullscreenKeyDown) - return () => document.removeEventListener('keydown', handleFullscreenKeyDown) - } - }, [isPreviewFullscreen, handleFullscreenKeyDown]) - - useEffect(() => { - if (!canPerformActions || requestType !== 'bug') { - setCanLinkParentIssue(false) - setIsCheckingParentIssueAccess(false) - return - } - - let isCurrent = true - setIsCheckingParentIssueAccess(true) - - ;(async () => { - try { - const { data } = await api.get<{ can_link_parent?: boolean }>(`/api/feedback/issue-link-capabilities?target_repo=${targetRepo}`, { - timeout: FETCH_DEFAULT_TIMEOUT_MS, - }) - if (isCurrent) { - setCanLinkParentIssue(data.can_link_parent === true) - } - } catch { - if (isCurrent) setCanLinkParentIssue(false) - } finally { - if (isCurrent) setIsCheckingParentIssueAccess(false) - } - })() - - return () => { - isCurrent = false - } - }, [canPerformActions, requestType, targetRepo]) - - useEffect(() => { - if (!canLinkParentIssue) { - setParentIssueNumber('') - } - }, [canLinkParentIssue, targetRepo]) - - // Handle paste events to capture screenshots pasted into the textarea - const handlePaste = (e: React.ClipboardEvent) => { - const items = e.clipboardData?.items - if (!items) return - const imageItems = Array.from(items).filter(item => item.type.startsWith('image/')) - if (imageItems.length === 0) return - e.preventDefault() - imageItems.forEach(item => { - const file = item.getAsFile() - if (file) { - const reader = new FileReader() - reader.onload = (ev) => { - setScreenshots(prev => [...prev, { file, preview: ev.target?.result as string, mediaType: 'image' }]) - } - reader.onerror = (err) => { - console.error('[Attachment] Paste FileReader failed:', err) - showToast('Failed to read pasted image. Try attaching the file instead.', 'error') - } - reader.readAsDataURL(file) - } - }) - showToast(`Screenshot${imageItems.length > 1 ? 's' : ''} added`, 'success') - } - - - - const handleSubmit = async (e: React.FormEvent) => { - e.preventDefault() - setError(null) - - if (!canPerformActions) { - onShowLoginPrompt() - return - } - - const trimmed = description.trim() - const lines = trimmed.split('\n') - const extractedTitle = lines[0].trim().substring(0, MAX_TITLE_LENGTH) - const extractedDesc = lines.length > 1 ? lines.slice(1).join('\n').trim() || extractedTitle : extractedTitle - - if (extractedTitle.length < MIN_TITLE_LENGTH) { - setError('Title (first line) must be at least 10 characters') - return - } - if (extractedDesc.length < MIN_DESCRIPTION_LENGTH) { - setError('Description must be at least 20 characters') - return - } - if (extractedDesc.split(/\s+/).filter(Boolean).length < MIN_DESCRIPTION_WORDS) { - setError('Description must contain at least 3 words') - return - } - - const hasZeroByteAttachment = screenshots.some(({ file }) => file.size === EMPTY_FILE_SIZE_BYTES) - if (hasZeroByteAttachment) { - setError(t( - 'feedback.invalidAttachmentRestore', - 'One or more attachments could not be restored. Remove them or re-attach the original file before submitting.', - )) - return - } - - const trimmedParentIssueNumber = parentIssueNumber.trim() - let parsedParentIssueNumber: number | undefined - if (trimmedParentIssueNumber) { - parsedParentIssueNumber = Number.parseInt(trimmedParentIssueNumber, 10) - if (!Number.isInteger(parsedParentIssueNumber) || parsedParentIssueNumber < MIN_PARENT_ISSUE_NUMBER) { - setError(t('feedback.parentIssueNumberInvalid', 'Parent issue number must be a positive integer.')) - return - } - } - - const screenshotDataURIs: string[] = [] - for (const s of screenshots) { - if (s.mediaType === 'video') { - // Videos are passed through without compression - screenshotDataURIs.push(s.preview) - } else { - const compressed = await compressScreenshot(s.preview) - if (compressed) screenshotDataURIs.push(compressed) - } - } - - try { - const hasScreenshots = screenshotDataURIs.length > 0 - const { getRecentBrowserErrors, getRecentFailedApiCalls } = await import('../../lib/analytics-core') - const browserErrors = requestType === 'bug' ? getRecentBrowserErrors() : [] - const failedApiCalls = getRecentFailedApiCalls() - - const selectedClusterContext = (selectedClusters || []).length > 0 - ? (selectedClusters || []).join(', ') - : ALL_CLUSTERS_CONTEXT_LABEL - const agentConnectionLog = (connectionEvents || []).length > 0 - ? (connectionEvents || []) - .slice(0, MAX_AGENT_CONNECTION_LOG_LINES) - .map(event => `[${event.timestamp.toISOString()}] ${event.type}: ${event.message}`) - : isInClusterMode - ? [`[${new Date().toISOString()}] connected: Using in-cluster service`] - : [] - const diagnostics = { - agent_version: agentHealth?.version, - commit_sha: agentHealth?.commitSHA, - build_time: agentHealth?.buildTime, - go_version: agentHealth?.goVersion, - agent_os: agentHealth?.os, - agent_arch: agentHealth?.arch, - install_method: agentHealth?.install_method, - clusters: agentHealth?.clusters, - cluster_context: selectedClusterContext, - console_deploy_mode: isInClusterMode ? 'in-cluster' : 'local', - active_agent_backend: activeBackend, - backend_ws_status: backendStatus, - agent_connection_status: agentStatus, - agent_connection_failures: agentDataErrorCount, - agent_last_error: agentLastDataError ?? undefined, - ...(agentConnectionLog.length > 0 && { agent_connection_log: agentConnectionLog }), - browser_user_agent: navigator.userAgent, - browser_platform: navigator.platform, - browser_language: navigator.language, - screen_resolution: `${screen.width}x${screen.height}`, - window_size: `${window.innerWidth}x${window.innerHeight}`, - page_url: `${window.location.origin}${window.location.pathname}`, - } - - const submissionPayload: CreateFeatureRequestInput = { - title: extractedTitle, - description: extractedDesc, - request_type: requestType, - target_repo: targetRepo, - diagnostics, - ...(parsedParentIssueNumber && { parent_issue_number: parsedParentIssueNumber }), - ...(hasScreenshots && { screenshots: screenshotDataURIs }), - ...(browserErrors.length > 0 && { console_errors: browserErrors }), - ...(failedApiCalls.length > 0 && { failed_api_calls: failedApiCalls }), - } - if (isFeedbackRequestBodyTooLarge(submissionPayload)) { - setError(requestBodyTooLargeMessage) - showToast(requestBodyTooLargeMessage, 'error') - return - } - - const result = await onSubmit( - submissionPayload, - hasScreenshots ? { timeout: FEEDBACK_UPLOAD_TIMEOUT_MS } : undefined, - ) - onSuccess({ - issueUrl: result.github_issue_url, - screenshotsUploaded: result.screenshots_uploaded, - screenshotsFailed: result.screenshots_failed, - warning: result.warning, - }) - } catch (err: unknown) { - const message = err instanceof Error ? err.message : '' - const normalizedMessage = isFeedbackRequestBodyLimitError(message) - ? requestBodyTooLargeMessage - : message || t('feedback.submitFailed') - if (isFeedbackRequestBodyLimitError(message)) { - showToast(normalizedMessage, 'error') - } - setError(normalizedMessage) - } - } - - const isAuthGated = !canPerformActions - const inputsDisabled = isSubmitting || isAuthGated - - return ( -
-
- {isAuthGated && ( -
-
- -
-
-

- {t('feedback.authGateTitle')} -

-

- {isDemoModeForced - ? t('feedback.authGateBodyDemo') - : t('feedback.authGateBodyLocal')} -

-
- - - - {t('feedback.openGitHubIssue')} - -
-
-
- )} - - {/* Warning banner when FEEDBACK_GITHUB_TOKEN is not configured */} - {feedbackTokenMissing && ( -
- -
-

- GitHub integration not configured -

-

- The FEEDBACK_GITHUB_TOKEN is - not set. Issue submission requires a GitHub personal access token with these permissions: -

-
    - {GITHUB_TOKEN_FINE_GRAINED_PERMISSIONS.map(p => ( -
  • {p.scope} — to {p.reason}
    • - ))} -
-
- Create token on GitHub - {' · '} - -
-
-
- )} - - {/* Editing draft banner */} - {editingDraftId && ( -
- - Editing a saved draft - -
- )} - - {/* Type Selection */} -
- - -
- - {/* Repository selector */} -
- -
- - -
- {targetRepo === 'docs' && ( -

- This issue will be filed on kubestellar/docs -

- )} -
- - {(requestType === 'bug' && (canLinkParentIssue || isCheckingParentIssueAccess)) && ( -
- - {t('feedback.linkToParentIssue', 'Link to parent issue')} - -
- {isCheckingParentIssueAccess ? ( -

- {t('feedback.checkingIssueLinkAccess', 'Checking repository access…')} -

- ) : canLinkParentIssue ? ( - <> - - setParentIssueNumber(e.target.value)} - disabled={inputsDisabled} - placeholder="12345" - className="w-full rounded-lg border border-border bg-background px-3 py-2 text-sm text-foreground outline-hidden transition-colors focus:border-purple-500 disabled:opacity-60" - /> -

- {t('feedback.parentIssueHelp', 'If provided, this report will be linked as a child issue after submission.')} -

- - ) : null} -
-
- )} - - {/* Description */} -
-
- - - {descriptionTab === 'preview' && description.trim() && ( - - )} -
- {descriptionTab === 'write' ? ( -