
Conversation

@ehelms ehelms (Member) commented Oct 13, 2025

This is an attempt to fix a number of static analysis finds in a systematic way. Each find is its own commit, and if it's easier I can break this up into multiple pull requests.

ehelms and others added 5 commits October 10, 2025 15:37

Sanitize AJAX response content before inserting into DOM to prevent
Cross-Site Scripting attacks in the preview hosts modal.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
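
Added example (not code from the pull request or from the project) of the problem the sanitizing commit above addresses: an AJAX host list turned into markup for a modal, first the unsafe way and then with every piece of response content escaped. The function names and the sample response are assumptions.

```javascript
// Added example, not the project's own code. Function names and the sample
// response below are assumptions made for illustration.

// Escape the five characters that can change meaning inside HTML text or
// attribute values. Ampersand goes first so later replacements are not re-escaped.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable pattern: host names from the server go straight into markup,
// so a host name (or an error message) that contains a tag runs in the page
// as soon as the string is assigned to innerHTML / jQuery .html().
function renderPreviewUnsafe(hosts) {
  return '<ul>' + hosts.map(h => '<li>' + h + '</li>').join('') + '</ul>';
}

// Hardened pattern: every value taken from the response is escaped, so the
// same input renders as literal text inside the list item.
function renderPreviewSafe(hosts) {
  return '<ul>' + hosts.map(h => '<li>' + escapeHtml(h) + '</li>').join('') + '</ul>';
}

// Constructed sample response: one ordinary host and one whose name carries
// an injected tag, as an attacker who can influence host names could arrange.
const SAMPLE_HOSTS = ['web01.example.com', '<img src=x onerror="alert(1)">'];

if (typeof require !== 'undefined' && require.main === module) {
  console.log('unsafe: ' + renderPreviewUnsafe(SAMPLE_HOSTS));
  console.log('safe:   ' + renderPreviewSafe(SAMPLE_HOSTS));
}
```

In a browser the safe string would then be assigned to the modal's `innerHTML`; better still is to build the list with `document.createElement` and `textContent` (or jQuery's `.text()`), which never hands response data to the HTML parser at all.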
- Add URL scheme validation to prevent javascript: and data: schemes
- Validate hostname matches expected cockpit URL before redirecting
- Add proper error handling for invalid URIs
- Remove conditional query parameter setting in favor of secure-only approach

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
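
Added example (not code from the pull request or from the project, whose controller code is not shown on this page) of the checks the redirect commit above describes, written in JavaScript against the WHATWG URL parser: allow only http/https, compare the scheme case-insensitively, require an exact hostname match with the configured cockpit host, and treat a malformed URI as a rejection rather than an exception. `safeCockpitRedirect`, `EXPECTED_COCKPIT_HOST` and the sample URLs are assumptions.

```javascript
// Added example, not the project's own code. The function name, the expected
// host constant and the sample URLs are assumptions made for illustration.

const ALLOWED_SCHEMES = new Set(['http:', 'https:']);

// Assumed configured cockpit host (in the real application this comes from settings).
const EXPECTED_COCKPIT_HOST = 'cockpit.example.com';

// Returns the normalised URL string when `candidate` is safe to redirect to,
// or null otherwise. It never throws: an invalid URI is just another rejection.
function safeCockpitRedirect(candidate, expectedHost) {
  if (!expectedHost) return null;
  let url;
  try {
    url = new URL(candidate);   // throws TypeError on input that is not an absolute URL
  } catch (e) {
    return null;
  }
  // `protocol` is lowercased by the parser, so "JavaScript:" and "HTTP:" are
  // compared case-insensitively; javascript:, data:, file:, vbscript: all fail here.
  if (!ALLOWED_SCHEMES.has(url.protocol)) return null;
  // Exact match on the parsed hostname, never startsWith/includes on the raw string:
  // this also defeats "https://cockpit.example.com@evil.example.com/" (the hostname
  // there is evil.example.com) and "cockpit.example.com.evil.example.com".
  if (url.hostname.toLowerCase() !== expectedHost.toLowerCase()) return null;
  return url.toString();
}

// Constructed sample inputs.
const SAMPLE_REDIRECTS = [
  'https://cockpit.example.com/=web01',                 // accepted
  'HTTP://Cockpit.Example.com/',                        // accepted, scheme/host case-insensitive
  'javascript:alert(1)',                                // rejected: scheme
  'data:text/html,<script>alert(1)</script>',           // rejected: scheme
  'https://evil.example.com/',                          // rejected: host
  'https://cockpit.example.com@evil.example.com/',      // rejected: host is evil.example.com
  'not a url',                                          // rejected: invalid URI
];

function checkAll() {
  return SAMPLE_REDIRECTS.map(u => [u, safeCockpitRedirect(u, EXPECTED_COCKPIT_HOST)]);
}
```

Only a value that comes back non-null from this check should be handed to a redirect that is permitted to leave the current host, which is the precondition the later `allow_other_host: true` commit in this pull request relies on.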
Correct invalid switch case syntax from 'case "running" || "pending":'
to proper multiple case labels that both evaluate to the same logic.
The || operator was causing "pending" to be unreachable dead code.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Add null-safe access to apiResponse.results to prevent potential
null pointer exceptions when apiResponse is null or undefined.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Add null-safe access to preview.plain to prevent potential
null pointer exceptions when preview object is null or undefined.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

ehelms and others added 8 commits October 15, 2025 13:22

Correct invalid switch case syntax from 'case "running" || "pending":'
to proper multiple case labels that both evaluate to the same logic.
The || operator was causing "pending" to be unreachable dead code.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Rename 'apiKey' to 'TEST_API_KEY' to make it clear this is a test
constant and not a hardcoded secret, addressing static analysis warning.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

- Add null checks before accessing input.name in forEach loops
- Add consistent null-safe access to scheduleValue.scheduleType
- Prevents potential null pointer exceptions when input or scheduleValue are null

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Replace object literal with || null (which creates unreachable dead code)
with proper conditional logic that can actually return null when needed.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>
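
Added example (not code from the pull request or from the project) covering two of the dead-code findings in this series: the `case "running" || "pending":` label from the switch-case commit and the `|| null` after an object literal from the commit just above. Each is shown as flagged and as fixed. The function names, status values and the schedule shape are assumptions.

```javascript
// Added example, not the project's own code. Function names, status values
// and the schedule shape are assumptions made for illustration.

// Flagged: `"running" || "pending"` is evaluated first and yields "running",
// so the label is really `case "running":` and "pending" can never match.
function isActiveBuggy(status) {
  switch (status) {
    case "running" || "pending":
      return true;
    default:
      return false;
  }
}

// Fixed: two labels that fall through to the same body.
function isActiveFixed(status) {
  switch (status) {
    case "running":
    case "pending":
      return true;
    default:
      return false;
  }
}

// Flagged: an object literal is always truthy, so `|| null` is never reached
// and callers that test for null get an object with undefined fields instead.
function scheduleBuggy(scheduleValue) {
  return { type: scheduleValue && scheduleValue.scheduleType } || null;
}

// Fixed: decide explicitly when there is nothing to return.
function scheduleFixed(scheduleValue) {
  if (!scheduleValue || !scheduleValue.scheduleType) return null;
  return { type: scheduleValue.scheduleType };
}
```

The switch bug is silent at runtime: "pending" jobs simply fall into the default branch, which is why only a static analyser or a test that feeds both values catches it.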
Add early null check for input parameter to prevent accessing
properties on null/undefined input objects, ensuring consistent
null safety throughout the function.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Add consistent null-safe access to response properties to prevent
potential null pointer exceptions when response object is null or undefined.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Add null fallback to scheduleValue destructuring assignment to prevent
null pointer exceptions when scheduleValue is null or undefined.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Add allow_other_host: true parameter to redirect_to call to address
Rails security changes that now require explicit permission for
redirects to other hosts. The redirect is already validated against
the expected hostname on line 24, making this safe.

Fixes test failures:
- test_0008_should allow redirect to valid cockpit URL
- test_0009_should allow redirect with http scheme to same hostname
- test_0010_should handle case insensitive scheme validation

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

@ehelms ehelms force-pushed the static-analysis-fixes branch from 5bc0570 to ef2b21c Compare October 15, 2025 20:43