[Synthetics] Fix escape vars template literal inline script !! #228696
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
github-actions
bot
added
the
author:obs-ux-management
shahzad31
added
backport:version
There was a problem hiding this comment.
Pull Request Overview
This PR fixes an issue with template literal escaping in inline synthetic monitoring scripts. When template literals like ${url} are used in inline scripts, they need to be escaped as $${url} to prevent conflicts during heartbeat variable parsing.
- Introduces a new
inlineSourceFormatterfunction that escapes template literals by adding an extra$prefix - Updates both public and private formatters to use the new escaping logic for inline source code
- Adds test coverage for the template literal escaping functionality
Reviewed Changes
Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| browser.ts | Updates public formatter to use inlineSourceFormatter for SOURCE_INLINE config |
| formatting_utils.ts (private) | Adds special handling for SOURCE_INLINE in stringToJsonFormatter |
| formatting_utils.ts | Implements the inlineSourceFormatter function with template literal escaping |
| formatting_utils.test.ts | Adds test case for template literal escaping functionality |
Comments suppressed due to low confidence (1)
x-pack/solutions/observability/plugins/synthetics/server/synthetics_service/formatters/formatting_utils.ts:126
- The function name 'escapeTemplateLiterals' is misleading. The function doesn't escape template literals themselves, but rather escapes variable interpolation syntax within template literals. Consider renaming to 'escapeTemplateInterpolation' or 'escapeVariableSubstitution'.
function escapeTemplateLiterals(script: string): string {
...ns/observability/plugins/synthetics/server/synthetics_service/formatters/formatting_utils.ts
Outdated
Show resolved
Hide resolved
...ns/observability/plugins/synthetics/server/synthetics_service/formatters/formatting_utils.ts
Outdated
Show resolved
Hide resolved
botelastic
bot
added
the
Team:obs-ux-management
|
Pinging @elastic/obs-ux-management-team (Team:obs-ux-management) |
…etics_service/formatters/formatting_utils.ts Co-authored-by: Copilot <[email protected]>
…etics_service/formatters/formatting_utils.ts Co-authored-by: Copilot <[email protected]>
💛 Build succeeded, but was flaky
Failed CI StepsTest Failures
Metrics [docs]
History
|
shahzad31
commented
Jul 21, 2025
...ns/observability/plugins/synthetics/server/synthetics_service/formatters/formatting_utils.ts
Outdated
Show resolved
Hide resolved
…etics_service/formatters/formatting_utils.ts
|
Starting backport for target branches: 8.17, 8.18, 8.19, 9.0, 9.1 https://github.com/elastic/kibana/actions/runs/16417258446 |
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 21, 2025
…ic#228696) ## Summary Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing. ### Before being passed to heartbeat ``` step("blame me",async () =>{ const url = "https://www.google.com"; await page.goto(`${url}`); }) ``` ### After being passed to heartbeat ``` step("bname me",async () =>{ const url = "https://www.google.com"; await page.goto(`$${url}`); }) ``` You can take a look at inspect config flyout in monitor form <img width="1728" height="879" alt="image" src="https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076" /> --------- Co-authored-by: Copilot <[email protected]> (cherry picked from commit 3102200)
kibanamachine
pushed a commit
to kibanamachine/kibana
that referenced
this pull request
Jul 21, 2025
…ic#228696) ## Summary Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing. ### Before being passed to heartbeat ``` step("blame me",async () =>{ const url = "https://www.google.com"; await page.goto(`${url}`); }) ``` ### After being passed to heartbeat ``` step("bname me",async () =>{ const url = "https://www.google.com"; await page.goto(`$${url}`); }) ``` You can take a look at inspect config flyout in monitor form <img width="1728" height="879" alt="image" src="https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076" /> --------- Co-authored-by: Copilot <[email protected]> (cherry picked from commit 3102200)
💔 Some backports could not be created
Note: Successful backport PRs will be merged automatically after passing CI. Manual backportTo create the backport manually run: Questions ?Please refer to the Backport tool documentation |
kibanamachine
added a commit
that referenced
this pull request
Jul 21, 2025
…228696) (#228776) # Backport This will backport the following commits from `main` to `9.1`: - [[Synthetics] Fix escape vars template literal inline script !! (#228696)](#228696) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Shahzad","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-07-21T12:41:07Z","message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:obs-ux-management","backport:version","v8.18.0","v9.1.0","v8.19.0","author:obs-ux-management","v9.2.0","v8.17.9","v9.0.5"],"title":"[Synthetics] Fix escape vars template literal inline script !!","number":228696,"url":"https://github.com/elastic/kibana/pull/228696","mergeCommit":{"message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","9.1","8.19","8.17","9.0"],"targetPullRequestStates":[{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228696","number":228696,"mergeCommit":{"message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789"}},{"branch":"8.17","label":"v8.17.9","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Shahzad <[email protected]> Co-authored-by: Copilot <[email protected]>
This was referenced Jul 21, 2025
Bluefinger
pushed a commit
to Bluefinger/kibana
that referenced
this pull request
Jul 22, 2025
…ic#228696) ## Summary Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing. ### Before being passed to heartbeat ``` step("blame me",async () =>{ const url = "https://www.google.com"; await page.goto(`${url}`); }) ``` ### After being passed to heartbeat ``` step("bname me",async () =>{ const url = "https://www.google.com"; await page.goto(`$${url}`); }) ``` You can take a look at inspect config flyout in monitor form <img width="1728" height="879" alt="image" src="https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076" /> --------- Co-authored-by: Copilot <[email protected]>
kibanamachine
added
the
backport missing
|
Looks like this PR has backport PRs but they still haven't been merged. Please merge them ASAP to keep the branches relatively in sync. |
kibanamachine
added a commit
that referenced
this pull request
Jul 22, 2025
…#228696) (#228775) # Backport This will backport the following commits from `main` to `8.19`: - [[Synthetics] Fix escape vars template literal inline script !! (#228696)](#228696) <!--- Backport version: 9.6.6 --> ### Questions ? Please refer to the [Backport tool documentation](https://github.com/sorenlouv/backport) <!--BACKPORT [{"author":{"name":"Shahzad","email":"[email protected]"},"sourceCommit":{"committedDate":"2025-07-21T12:41:07Z","message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789","branchLabelMapping":{"^v9.2.0$":"main","^v(\\d+).(\\d+).\\d+$":"$1.$2"}},"sourcePullRequest":{"labels":["release_note:fix","Team:obs-ux-management","backport:version","v8.18.0","v9.1.0","v8.19.0","author:obs-ux-management","v9.2.0","v8.17.9","v9.0.5"],"title":"[Synthetics] Fix escape vars template literal inline script !!","number":228696,"url":"https://github.com/elastic/kibana/pull/228696","mergeCommit":{"message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789"}},"sourceBranch":"main","suggestedTargetBranches":["8.18","9.1","8.19","8.17","9.0"],"targetPullRequestStates":[{"branch":"8.18","label":"v8.18.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.1","label":"v9.1.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"8.19","label":"v8.19.0","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"main","label":"v9.2.0","branchLabelMappingKey":"^v9.2.0$","isSourceBranch":true,"state":"MERGED","url":"https://github.com/elastic/kibana/pull/228696","number":228696,"mergeCommit":{"message":"[Synthetics] Fix escape vars template literal inline script !! (#228696)\n\n## Summary\n\nNeeded to add $ before e.g template ${url} so that it gets escaped\nduring heartbeat vars parsing.\n\n### Before being passed to heartbeat\n\n```\nstep(\"blame me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n})\n```\n\n### After being passed to heartbeat\n\n```\n step(\"bname me\",async () =>{\n const url = \"https://www.google.com\";\n await page.goto(`${url}`);\n })\n```\n\nYou can take a look at inspect config flyout in monitor form \n\n<img width=\"1728\" height=\"879\" alt=\"image\"\nsrc=\"https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076\"\n/>\n\n---------\n\nCo-authored-by: Copilot <[email protected]>","sha":"31022002548f6112ead4cd6db2052f9dd1cbe789"}},{"branch":"8.17","label":"v8.17.9","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"},{"branch":"9.0","label":"v9.0.5","branchLabelMappingKey":"^v(\\d+).(\\d+).\\d+$","isSourceBranch":false,"state":"NOT_CREATED"}]}] BACKPORT--> Co-authored-by: Shahzad <[email protected]> Co-authored-by: Copilot <[email protected]>
kibanamachine
removed
the
backport missing
kertal
pushed a commit
to kertal/kibana
that referenced
this pull request
Jul 25, 2025
…ic#228696) ## Summary Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing. ### Before being passed to heartbeat ``` step("blame me",async () =>{ const url = "https://www.google.com"; await page.goto(`${url}`); }) ``` ### After being passed to heartbeat ``` step("bname me",async () =>{ const url = "https://www.google.com"; await page.goto(`$${url}`); }) ``` You can take a look at inspect config flyout in monitor form <img width="1728" height="879" alt="image" src="https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076" /> --------- Co-authored-by: Copilot <[email protected]>
crespocarlos
pushed a commit
to crespocarlos/kibana
that referenced
this pull request
Jul 25, 2025
…ic#228696) ## Summary Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing. ### Before being passed to heartbeat ``` step("blame me",async () =>{ const url = "https://www.google.com"; await page.goto(`${url}`); }) ``` ### After being passed to heartbeat ``` step("bname me",async () =>{ const url = "https://www.google.com"; await page.goto(`$${url}`); }) ``` You can take a look at inspect config flyout in monitor form <img width="1728" height="879" alt="image" src="https://github.com/user-attachments/assets/0078ff6d-c581-45db-b87e-384b96d52076" /> --------- Co-authored-by: Copilot <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #225498
Summary
Needed to add $ before e.g template ${url} so that it gets escaped during heartbeat vars parsing.
Before being passed to heartbeat
After being passed to heartbeat
You can take a look at inspect config flyout in monitor form