Renderer: Add sanitize API (#50936)

* svg fun * #50597: add proto * #50597: add sanitizer methods * #50597: add provider * #50597: use sanitizer * #50597: use sanitizer * update grafana to match new api * add comments * add capability check * add timing * update sanitize path * improve log message * strings.HasPrefix rather than filepath.IsAbs * filepath.Clean + filepath.ToSlash for windows * read 404 * remove `path.clean` from `getPathAndScope` * add resp body close * remove unneeded prop * Update pkg/services/rendering/rendering.go Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com> * remove test files * filepath.ToSlash correct wrapping * filepath.ToSlash correct wrapping * filepath.ToSlash comment * compilation error * lint fix * fix error message * Update pkg/services/rendering/rendering.go Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com> * add `image/svg+xml` mime type * refactored log * refactored log Co-authored-by: Agnès Toulet <35176601+AgnesToulet@users.noreply.github.com>
2025-02-25 18:55:37 -06:00 · 2022-07-07 15:32:18 +04:00
parent f279699beb
commit e96f67ae2e
21 changed files with 710 additions and 28 deletions
--- a/pkg/services/store/http.go
+++ b/pkg/services/store/http.go
@@ -126,6 +126,11 @@ func (s *httpStorage) Read(c *models.ReqContext) response.Response {
 	if err != nil {
 		return response.Error(400, "cannot call read", err)
 	}
+
+	if file == nil || file.Contents == nil {
+		return response.Error(404, "file does not exist", err)
+	}
+
 	// set the correct content type for svg
 	if strings.HasSuffix(path, ".svg") {
 		c.Resp.Header().Set("Content-Type", "image/svg+xml")
--- a/pkg/services/store/sanitize.go
+++ b/pkg/services/store/sanitize.go
@@ -6,20 +6,44 @@ import (

 	"github.com/grafana/grafana/pkg/infra/filestorage"
 	"github.com/grafana/grafana/pkg/models"
+	"github.com/grafana/grafana/pkg/services/rendering"
+	"github.com/grafana/grafana/pkg/services/store/sanitizer"
 )

-func (s *standardStorageService) sanitizeUploadRequest(ctx context.Context, user *models.SignedInUser, req *UploadRequest, storagePath string) (*filestorage.UpsertFileCommand, error) {
+func (s *standardStorageService) sanitizeContents(ctx context.Context, user *models.SignedInUser, req *UploadRequest, storagePath string) ([]byte, error) {
 	if req.EntityType == EntityTypeImage {
 		ext := filepath.Ext(req.Path)
-		//nolint: staticcheck
 		if ext == ".svg" {
-			// TODO: sanitize svg
+			resp, err := sanitizer.SanitizeSVG(ctx, &rendering.SanitizeSVGRequest{
+				Filename: storagePath,
+				Content:  req.Contents,
+			})
+			if err != nil {
+				if s.cfg.allowUnsanitizedSvgUpload {
+					grafanaStorageLogger.Debug("allowing unsanitized svg upload", "filename", req.Path, "sanitizationError", err)
+					return req.Contents, nil
+				} else {
+					grafanaStorageLogger.Debug("disallowing unsanitized svg upload", "filename", req.Path, "sanitizationError", err)
+					return nil, err
+				}
+			}
+
+			return resp.Sanitized, nil
 		}
 	}

+	return req.Contents, nil
+}
+
+func (s *standardStorageService) sanitizeUploadRequest(ctx context.Context, user *models.SignedInUser, req *UploadRequest, storagePath string) (*filestorage.UpsertFileCommand, error) {
+	contents, err := s.sanitizeContents(ctx, user, req, storagePath)
+	if err != nil {
+		return nil, err
+	}
+
 	return &filestorage.UpsertFileCommand{
 		Path:               storagePath,
-		Contents:           req.Contents,
+		Contents:           contents,
 		MimeType:           req.MimeType,
 		CacheControl:       req.CacheControl,
 		ContentDisposition: req.ContentDisposition,
--- a/pkg/services/store/sanitizer/Provider.go
+++ b/pkg/services/store/sanitizer/Provider.go
@@ -0,0 +1,23 @@
+package sanitizer
+
+import (
+	"context"
+	"errors"
+
+	"github.com/grafana/grafana/pkg/services/rendering"
+)
+
+// workaround for cyclic dep between the store and the renderer
+
+type Provider struct{}
+
+var SanitizeSVG = func(ctx context.Context, req *rendering.SanitizeSVGRequest) (*rendering.SanitizeSVGResponse, error) {
+	return nil, errors.New("not implemented")
+}
+
+func ProvideService(
+	renderer rendering.Service,
+) *Provider {
+	SanitizeSVG = renderer.SanitizeSVG
+	return &Provider{}
+}
--- a/pkg/services/store/service.go
+++ b/pkg/services/store/service.go
@@ -48,9 +48,14 @@ type StorageService interface {
 	sanitizeUploadRequest(ctx context.Context, user *models.SignedInUser, req *UploadRequest, storagePath string) (*filestorage.UpsertFileCommand, error)
 }

+type storageServiceConfig struct {
+	allowUnsanitizedSvgUpload bool
+}
+
 type standardStorageService struct {
 	sql  *sqlstore.SQLStore
 	tree *nestedTree
+	cfg  storageServiceConfig
 }

 func ProvideService(sql *sqlstore.SQLStore, features featuremgmt.FeatureToggles, cfg *setting.Cfg) StorageService {
@@ -83,6 +88,9 @@ func ProvideService(sql *sqlstore.SQLStore, features featuremgmt.FeatureToggles,

 	s := newStandardStorageService(globalRoots, initializeOrgStorages)
 	s.sql = sql
+	s.cfg = storageServiceConfig{
+		allowUnsanitizedSvgUpload: false,
+	}
 	return s
 }

--- a/pkg/services/store/utils.go
+++ b/pkg/services/store/utils.go
@@ -1,7 +1,6 @@
 package store

 import (
-	"path/filepath"
 	"strings"

 	"github.com/grafana/grafana/pkg/models"
@@ -27,5 +26,5 @@ func getPathAndScope(c *models.ReqContext) (string, string) {
 	if path == "" {
 		return "", ""
 	}
-	return splitFirstSegment(filepath.Clean(path))
+	return splitFirstSegment(path)
 }
--- a/pkg/services/store/validate.go
+++ b/pkg/services/store/validate.go
@@ -13,6 +13,7 @@ var (
 	allowedImageExtensions = map[string]bool{
 		".jpg":  true,
 		".jpeg": true,
+		".svg":  true,
 		".gif":  true,
 		".png":  true,
 		".webp": true,
@@ -23,6 +24,7 @@ var (
 		".gif":  {"image/gif": true},
 		".png":  {"image/png": true},
 		".webp": {"image/webp": true},
+		".svg":  {"text/xml; charset=utf-8": true, "text/plain; charset=utf-8": true, "image/svg+xml": true},
 	}
 )

@@ -68,7 +70,7 @@ func (s *standardStorageService) validateUploadRequest(ctx context.Context, user
 	// TODO: validateProperties

 	if err := filestorage.ValidatePath(storagePath); err != nil {
-		return fail("path validation failed: " + err.Error())
+		return fail("path validation failed. error:" + err.Error() + ". path: " + storagePath)
 	}

 	switch req.EntityType {