Removing redundant field output, VSCode linting fix and possible XSS precaution (!9) · Merge requests · Adarma Public Projects / Splunk / TA-VirusTotal

Fixed VSCode linting by adding a file specifying the library path before the application is built. It'll make it easier to develop with easier function signature lookups.

Wrapped every singular variable template concat in escape function within the dashboard page to hopefully eliminate possible XSS vulnerabilities, unfortunately, no test currently exists for it due to Splunk possibly handling it itself. It should be good as a precautionary measure regardless since it does not change the functionality, this was tested manually.

Biggest change being removing fields insertion into records when they are not needed by using JSON mode, again, tested manually as following in after and before format: Hashes: | makeresults | eval value="275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f" | virustotal hash=value mode="json"

IPs: | makeresults | eval value="1.1.1.1" | virustotal ip=value mode="json"

Domain: | makeresults | eval value="google.com" | virustotal domain=value mode="json"

URL: | makeresults | eval value="http://maliciouswebsitetest.com/" | virustotal url=value mode="json"

Removing redundant field output, VSCode linting fix and possible XSS precaution

Merge request reports