Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[7.17] Fix code scanning alert no. 456: Incomplete string escaping or…
… encoding (elastic#193909) (elastic#198243) # Backport This will backport the following commits from `main` to `7.17`: - Fix code scanning alert no. 456: Incomplete string escaping or encoding (elastic#193909) (7458ff1) <!--- Backport version: 8.9.8 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sqren/backport) <!--BACKPORT [{"author":{"name":"Nathan L Smith","email":"[email protected]"},"sourceCommit":{"committedDate":"2024-09-25T21:30:52Z","message":"Fix code scanning alert no. 456: Incomplete string escaping or encoding (elastic#193909)\n\nFixes\r\n[https://github.com/elastic/kibana/security/code-scanning/456](https://github.com/elastic/kibana/security/code-scanning/456)\r\n\r\nTo fix the problem, we need to ensure that backslashes are also escaped\r\nin the `value` string. This can be done by first replacing backslashes\r\nwith double backslashes and then replacing double quotes with escaped\r\ndouble quotes. This ensures that all occurrences of backslashes and\r\ndouble quotes are properly escaped.\r\n\r\n- Modify the `value.replace` call to first escape backslashes and then\r\nescape double quotes.\r\n- The changes will be made in the `createFilterFromOptions` function,\r\nspecifically on line 128.\r\n\r\n\r\n_Suggested fixes powered by Copilot Autofix. Review carefully before\r\nmerging._\r\n\r\nCo-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>","sha":"7458ff11174fe184afe4ec93c858f89063296abe"},"sourceBranch":"main","suggestedTargetBranches":[],"targetPullRequestStates":[]}] BACKPORT-->
- Loading branch information
