The API host is changed when the 'refresh' option is selected

[mauromalara]

Wazuh	Elastic	Rev	Security
4.3 (RC6)	7.x	4xxx	Basic, ODFE, Xpack

Browser
Firefox

Description In the 'Management/CDB lists' section, given that 2 tabs are open and a new lists file is created (an API host, different from the one selected in the other tab, is selected previously), when the 'Refresh' option is selected in the first tab (no the one where the file was created) then the list is updated with the file created in the other API host.

Preconditions

1. 2 API hosts should exist

Steps to reproduce

1. Navigate to 'Management/CDB lists' in 2 different tabs
2. In one of them: 2.1. Change the API host 2.2. Select the 'Add new lists file' option and create a new file
3. In the other one: 4.1. Select the 'Refresh' option

Expected Result

1. The API host should not be changed when the 'refresh' option is selected

Actual Result

1. The API host is changed when the 'refresh' option is selected

Screenshots

https://user-images.githubusercontent.com/39094716/164243891-1c98e59d-5e77-4c88-85d4-bcf8c2546630.mp4

[gdiazlo]

~This behavior does not happen in 4.2.6~. We need to further investigate the situation and fix it before release.

[Desvelao]

Research

I tested the reported issue in the Wazuh plugin for 4.2.5, 4.2.6 and 4.3.0 (current development status) and is happening.

The problem is caused due to how the plugin stores and uses the information about the selected Wazuh API host. This data is stored in a cookie called wz-api, which is used to do a request to the Wazuh API host through the endpoint /api/request. When the user selects another Wazuh API host in the selector, the value of the cookie changes.

Details of the problem: Browser tab 1: In a browser tab, navigates to Management/CDB Lists with a Wazuh API host selected, by example, env2. Browser tab 2: Open a new browser tab, and paste the same URL as the browser tab 1. The valud of the wz-api cookie is env2. Change the Wazuh API host to another, in the example, to env1. The value of the wz-api cookie is env1. Click on the Add new lists file and fill the list name and adds some key-value pair. Save. Click on the back button that is to the left of the list name. The table should display the new list file. Browser tab 1: Review that the Wazuh API host selected is env2 that is different from the selected in the browser tab 2. Click on the Refresh button and the table displays the list that was created in the Wazuh API host of the browser tab 1. If reviewing the request or the value of the wz-api cookie, they are env1.

Note that the Wazuh API selector of the browser tab 1 is not updated with the new value of the cookie and maybe we don't have a way to listen the change in the cookie. Moreover, when taking some actions, for example, opening the plugin menu, the Wazuh API Selector is rendered again, and this change of value in the browser tab 1, with the current value of the cookie.

Currently, multiples values are stored in cookies and localstorage with data about the Wazuh API host and index pattern selected. The plugin doesn't support different configuration in differents tabs of the same browser. If we want to support to manage different Wazuh API host or index pattern selections, we could use the SessionStorage to store the values, but maybe this could not be interesting due to the persistence of data or some data as the token of the Wazuh API that was accessible (HttpOnly attribute for the cookie that store the token for the Wazuh API).