security-dashboards-plugin icon indicating copy to clipboard operation
security-dashboards-plugin copied to clipboard

Published 20 hours ago verified publisher icon opensearch-project

[BUG] Invalid next URL when session expired

Open Hailong-am opened this issue 1 year ago • 5 comments

What is the bug?

Here is the url with error

http://localhost:5601/app/login?nextUrl=%2Fapp%2Fopensearch_index_management_dashboards_%252Frollups#/rollups?from=0&search=&size=20&sortDirection=desc&sortField=_id

{
    "statusCode": 400,
    "error": "Bad Request",
    "message": "[request query.nextUrl]: Invalid nextUrl parameter."
}

The nextUrl is /app/opensearch_index_management_dashboards_%2Frollups Based on the validation rule, it has %2F which is not allowed.

https://github.com/opensearch-project/security-dashboards-plugin/blob/506d803b868002f131a65d0d7ad370625454a8e4/server/utils/next_url.ts#L75-L80

How can one reproduce the bug? Steps to reproduce the behavior:

  1. Enable workspace and goes into a workspace
  2. Go to http://localhost:5601/app/opensearch_index_management_dashboards_%2Frollups#/rollups?dataSourceId=&from=0&search=&size=20&sortDirection=desc&sortField=_id
  3. Wait for session expired
  4. See error

What is the expected behavior? A clear and concise description of what you expected to happen.

What is your host/environment?

  • OS: [e.g. iOS]
  • Version [e.g. 22]
  • Plugins

Do you have any screenshots? If applicable, add screenshots to help explain your problem.

Do you have any additional context?

Hailong-am avatar Oct 11 '24 00:10 Hailong-am