django-DefectDojo: GET /finding/ 500s when associated Endpoint host is longer than 50 characters

Bug description GET /finding/<finding_id> 500s when the associated Endpoint host is longer than 50 characters.

Steps to reproduce Steps to reproduce the behavior:

  1. For a given finding of <finding_id>, update one of the endpoints to have a hostname that is greater than 50 characters
  2. GET /finding/<finding_id>
  3. See error

Expected behavior The url_shortner filter should properly handle return values of greater than 50 characters

Deployment method

  • Kubernetes
  • Docker
  • setup.bash / legacy-setup.bash

Environment information

  • Operating System: macOS Catalina Version 10.15.5
  • DefectDojo Commit Message: [2020-10-28 09:12:41 +0100] bfcc9fd9: APIv2 findings performance improvements (#3011) [ (HEAD -> dev, upstream/dev)]

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Comments: 19 (19 by maintainers)

Most upvoted comments

Haha no worries I knew what you were going for. Updated the PR.

+1
johnlanda on Oct 28, 2020

Sounds good! Thanks for being so responsive! The simplest fix is going to be changing it to something like this. I will play around with it a bit and update the PR.

@register.filter(name='url_shortner')
def url_shortner(value):
    return_value = str(value)
    url = urlparse(return_value)

    if url.path and len(url.path) != 1:
        return_value = url.path
    if len(return_value) > 50:
        return_value = "..." + return_value[50:]

    return return_value
+1
johnlanda on Oct 28, 2020
Read more comments on GitHub
← django-DefectDojo: Endpoint with protocol length > 20 characters causes error in report uploads (Tested with nessus)
django-DefectDojo: Open product detail page then got 500 internal server page →