Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

agents/name/:agent_name is case sensitive #467

Closed
skiingyac opened this issue Dec 19, 2019 · 3 comments
Closed

agents/name/:agent_name is case sensitive #467

skiingyac opened this issue Dec 19, 2019 · 3 comments
Assignees
@AdriiiPRodri
Labels
community

Comments

@skiingyac
Copy link

Agent name is basically the hostname. Let's say the name is BoB.

This works: GET /agents/name/BoB
This doesn't: GET /agents/name/bob
This works: /agents?pretty&q=name=BoB
This works: /agents?pretty&q=name=bob

Is there a good reason why /agents/name/:agent_name case-sensitive is case sensitive while /agents?q=name=:agent_name is not? I believe they both should be insensitive (rather than both case sensitive).
@AdriiiPRodri
Copy link
Contributor

Hi @skiingyac,

This is because the 'q' parameter is used to search, which is less restrictive than the /agents/:agent_name endpoint. This endpoint is strict since you are trying to access an agent and this requires that you know exactly its name.

This behavior makes that we can have two or more agents with the same name but that are recognized by capital letters. In this last case, the 'q' parameter should show all the agents regardless the capital letters or not, because it is a filter over a list of agents.

I hope that this answer solves your doubt, in any case, if you have any other doubts, please do not hesitate to ask.

Regards

@AdriiiPRodri AdriiiPRodri self-assigned this Dec 23, 2019
@skiingyac
Copy link
Author

This approach is bad for other systems calling the API, which I believe is what the API is for. Using q= is vulnerable to partial matches. For example, if both foo and foobar exist, q=foo returns both and so requires extra processing in the requestor to filter out partial matches. I guess unfortunately this is the approach I'll have to take but it is particularly bad for short names that could return many partial matches and just cause a lot of overhead. The agents/name/:agent_name API can't be used because it returns NO matches since the most requestors would be treating the hostname case-insensitive and so don't know the precise capitalization. I was very surprised by this since I've not come across another API where username or hostname are case sensitive and so assumed it had to have been an oversight.

@AdriiiPRodri AdriiiPRodri mentioned this issue Jan 16, 2020
Open
@AdriiiPRodri
Copy link
Contributor

Hi @skiingyac,

We have created issue #468 to add this functionality to the Wazuh API. This issue will be closed, in order to better track the development of this functionality.

Best regards,
Adri

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@AdriiiPRodri AdriiiPRodri

Labels
community
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Zenidd @skiingyac @AdriiiPRodri