cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Shukran
Explorer
Member since: ‎09-26-2022
‎01-05-2023
Community Statistics
Posts 8
Solutions 1
Karma Given 1
Karma Received 0
Member Since ‎09-26-2022
View All

Re: Fix the javascript issue in this appserver bui...

by in Splunk Dev
‎11-07-2022 06:09 AM
‎11-07-2022 06:09 AM
I got it working. Posting the process here in-case someone else has the same issue. Downloaded AOB 3.0.1 Create a new add-on with same name and id. Copy existing files in $SPLUNK_HOME/etc/apps/<app_folder> Update the views in Splunk UI Export from AOB Update AOB version Import the project   ... View more

Fix the javascript issue in this appserver build f...

by in Splunk Dev
‎11-02-2022 11:08 PM
‎11-02-2022 11:08 PM
Hi I am trying to fix the vulnerable_javascript_library_usage error in Splunk Add-on Builder for appserver/static/js/build/common.js). There are a couple of answered posts that mention the fix as: Export the app from any Add-on Builder Import the app into Add-on Builder v4.1.0 or newer Download the app packaged from Add-on Builder v4.1.0 or newer The issue I am facing is that I have inherited the maintenance for the add-on and don’t have an app export from the original Add-on Builder. I have tried a couple of things that include importing the spl and tgz files as a project in AOB but cannot import them as it shows an error while extracting the files. I tried to create a new add-on with the same name and replace the files in that with the files from the downloaded tgz from Splunkbase. On exporting the created add-on and importing it again it shows an error when extracting that it's not a valid compressed file. Also, I tried to just remove the common.js file which breaks the add-on when we run it on windows machines. Is there any other way I can fix this? Or how can I import the add-on in AOB? Thanking you in advance. ... View more
Labels

How to fix error: Detect usage of JavaScript libra...

by in Splunk Dev
‎10-26-2022 11:15 PM
‎10-26-2022 11:15 PM
Hello, I am trying to fix an error in for an inherited add-on that i am maintaining. category: app_cert_validation description: Detect usage of JavaScript libraries with known vulnerabilities. ext_data: { [+] message_id: 7002 rule_name: Validate app certification severity: Fatal solution: 3rd party CORS request may execute parseHTML) executes scripts in event handlers jQuery before 3.4.0, as used in Drupal Backdrop CMS, and other products, mishandles jQuery.extend(true, (], ..) because of Object.prototype pollution Regex in its Query.htmlPrefilter sometimes may introduce XSS Regex in its jQuery.htmlPrefilter sometimes may introduce XSS reDOS - regular expression denial of service Regular Expression Denial of Service (ReDoS) Regular Expression Denial of Service (ReDoS) This vulnerability impacts pm (server) users of moment. js, especially if user provided locale string, eg fr is directly used to switch moment locale. status: Fail sub_category: Checks related to JavaScript usage I checked some community questions, one of the answer mentions the below fix. Export the app from any Add-on Builder Import the app into Add-on Builder v4.1.0 or newer Download the app packaged from Add-on Builder v4.1.0 or newer I don't have the original app export and cannot import that to new AOB. I tried importing a tgz file but that gives an error. Is there any other way I can fix this or something else i can try? ... View more
Labels

How fix check that Splunk SDK for Python is up-to-...

by in Splunk Dev
‎09-26-2022 09:51 AM
‎09-26-2022 09:51 AM
Hello, I have inherited the maintenance for an app and it has a couple of errors that need to be fixed. I have fixed all the others except the one mentioned here. category: app_cert_validation description: Check that Splunk SDK for Python is up-to-date. ext_data: ([+] message_id: 7004 messages: (("result": "failure" "message": "Detected an outdated version of the Splunk SDK for Python (1.6.6). Please upgrade to version 1.6.16 or later. File: bin/.../aob_py2/solnlib/packages/splunklib/binding.py", "message_filename" "bin/.../aob_py2/solnlib/packages/splunklib/binding.py","message_line":null),("result":"failure" "message" "Detected an outdated version of the Splunk SDK for Python (1.6.6). Please upgrade to version 1.6.16 or later. File: bin/.../aob_py2/splunklib/binding.py" "message_filename" "bin/.../aob_py2/splunklib/binding.py', "message_line": null} A couple more files have the same error. It looks like all are Add-on Builder files and i am not sure how to fix this. Also, I cannot import the add-on in Splunk Add-on Builder as i dont have an original extracted version. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎01-05-2023 08:16 AM
Karma given to
View All