github-mirrors/VictoriaMetrics

Fork 0

mirror of https://github.com/VictoriaMetrics/VictoriaMetrics.git synced 2024-12-11 14:53:49 +00:00

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Aliaksandr Valialkin	893a555051	Revert "lib/protoparser/opentelemetry/firehose: escape requestID before returning it to user (#6451 )" This reverts commit `cd1aca217c`. Reason for revert: this commit has no sense, since the firehose response has application/json content-type, so it must contain JSON-encoded timestamp and requestId fields according to https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html#responseformat . HTML-escaping the requestId field may break the response, so the client couldn't correctly recognize the html-escaped requestId. Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6451	2024-07-16 09:50:16 +02:00
Roman Khavronenko	8c8d84e30a	lib/protoparser/opentelemetry/firehose: escape requestID before returning it to user (#6451 ) All user input should be sanitized before rendering. This should prevent possible attacks. See https://github.com/VictoriaMetrics/VictoriaMetrics/security/code-scanning/203 Signed-off-by: hagen1778 <roman@victoriametrics.com>	2024-06-10 18:06:24 +02:00
Aliaksandr Valialkin	faa2ba828a	app/vmagent: simplify code after `509df44d03` - Simplify the code in order to improve its maintenance - Properly pass tenant ID when processing multi-tenant opentelemetry request at vmagent Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6016	2024-04-03 02:50:46 +03:00

Aliaksandr Valialkin

893a555051

Revert "lib/protoparser/opentelemetry/firehose: escape requestID before returning it to user (#6451 )"

This reverts commit cd1aca217c.

Reason for revert: this commit has no sense, since the firehose response has application/json content-type,
so it must contain JSON-encoded timestamp and requestId fields according to https://docs.aws.amazon.com/firehose/latest/dev/httpdeliveryrequestresponse.html#responseformat .
HTML-escaping the requestId field may break the response, so the client couldn't correctly recognize the html-escaped requestId.

Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6451

2024-07-16 09:50:16 +02:00

Roman Khavronenko

8c8d84e30a

lib/protoparser/opentelemetry/firehose: escape requestID before returning it to user (#6451 )

All user input should be sanitized before rendering. This should prevent
possible attacks. See
https://github.com/VictoriaMetrics/VictoriaMetrics/security/code-scanning/203

Signed-off-by: hagen1778 <roman@victoriametrics.com>

2024-06-10 18:06:24 +02:00

Aliaksandr Valialkin

faa2ba828a

app/vmagent: simplify code after 509df44d03

- Simplify the code in order to improve its maintenance
- Properly pass tenant ID when processing multi-tenant opentelemetry request at vmagent

Updates https://github.com/VictoriaMetrics/VictoriaMetrics/pull/6016

2024-04-03 02:50:46 +03:00

3 commits