fix(frontend): Patch Artifact Storage Key XSS Vulnerability. Fixes #12670 (#12671)

format code



change error response to 500



rework for simple length check



revert unchanged files



fix tests

Signed-off-by: JerT33 <[email protected]>

Author: JerT33

frontend/server/handlers/artifacts.ts

@@ -123,6 +123,10 @@ export function getArtifactsHandler({
       res.status(500).send('Storage key is missing from artifact request');
       return;
     }
+    if (key.length > 1024) {
+      res.status(500).send('Object key too long');
+      return;
+    }
     console.log(`Getting storage artifact at: ${source}: ${bucket}/${key}`);
 
     let client: MinioClient;

frontend/server/integration-tests/artifact-get.test.ts

@@ -821,6 +821,21 @@ describe('/artifacts', () => {
         .get(`/artifacts/get?source=volume&bucket=artifact&key=subartifact/notxist.csv`)
         .expect(500, 'Failed to open volume.');
     });
+
+    it('rejects keys longer than 1024 characters', async () => {
+      const configs = loadConfigs(argv, {
+        AWS_ACCESS_KEY_ID: 'aws123',
+        AWS_SECRET_ACCESS_KEY: 'awsSecret123',
+      });
+      app = new UIServer(configs);
+      const request = requests(app.start());
+      await request
+        .get(
+          '/artifacts/get?source=s3&namespace=test&peek=256&bucket=ml-pipeline&key=' +
+            'a'.repeat(1025),
+        )
+        .expect(500, 'Object key too long');
+    });
   });
 
   describe('/:source/:bucket/:key', () => {