Fix internet connection setting in output writer and simplify flow

[eranturgeman]

• All tests passed. If this feature is not already covered by the tests, I added new tests.
• This pull request is on the dev branch.
• I used gofmt for formatting the code before submitting the pull request.
• Update documentation about new features / new supported technologies

---

This PR handles a bug that incorrectly set the internet connection for output writer (constant true instead of the value we actually check) - This can cause incorrect icons and images in Air-Gapped since the flow try to fetch images and icons but in fact has no access to the internet
In addition we simplify the flow so the output writer in the Repository (which is then passed to the scanRepositoryCmd or ised by the scan-pr flow) will be all set once and will be reused instead of re-created

[github-actions]

📗 Scan Summary

• Frogbot scanned for vulnerabilities and found 8 issues

Scan Category	Status	Security Issues
Software Composition Analysis	ℹ️ Not Scanned	-
Contextual Analysis	✅ Done	-
Static Application Security Testing (SAST)	✅ Done	8 Issues Found 1 High 7 Medium
Secrets	✅ Done	-
Infrastructure as Code (IaC)	✅ Done	Not Found

---

🐸 JFrog Frogbot

[github-actions]

body

at utils/testsutils.go (line 242)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
High	Deserializing untrusted data without validation

Full description

Vulnerability Details

Rule ID:	go-unsafe-deserialization

Overview

Unsafe deserialization in Go occurs when a program deserializes untrusted
data with a potentially dangerous deserializer. Deserialization is the
process of converting serialized data (data that has been converted into a
format that can be easily transmitted or stored) back into its original
form. In some ("unsafe") serialization protocols, if an attacker is able
to manipulate the serialized data, they may be able to execute arbitrary
code or perform other malicious actions when the data is deserialized.

Vulnerable example

import (
    "github.com/go-yaml/yaml"
    "net/http"
)

func storeHandler(w http.ResponseWriter, r *http.Request) {
    var data map[string]interface{}
    yaml.Unmarshal([]byte(r.URL.Query().Get("data")), &data) // NOT OK
}

This code uses yaml.Unmarshal to deserialize untrusted data from the
user, with a potentially dangerous deserializer.

Remediation

import (
    "github.com/go-yaml/yaml"
    "net/http"
)

func storeHandler(w http.ResponseWriter, r *http.Request) {
    var data map[string]interface{}
    yaml.UnmarshalStrict([]byte(r.URL.Query().Get("data")), &data) // SAFE
}

Using yaml.UnmarshalStrict solves the problem by ensuring a safe
serialization protocol.

Code Flows

Vulnerable data flow analysis result

↘️ r.Body (at utils/testsutils.go line 235)

↘️ io.ReadAll(r.Body) (at utils/testsutils.go line 235)

↘️ body (at utils/testsutils.go line 235)

↘️ body (at utils/testsutils.go line 242)

---

🐸 JFrog Frogbot

[github-actions]

content

at utils/testsutils.go (line 188)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile("../testdata/configprofile/configProfileExample.json") (at utils/testsutils.go line 168)

↘️ content (at utils/testsutils.go line 168)

↘️ content (at utils/testsutils.go line 188)

---

🐸 JFrog Frogbot

[github-actions]

content

at utils/testsutils.go (line 197)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile("../testdata/configprofile/configProfileExample.json") (at utils/testsutils.go line 194)

↘️ content (at utils/testsutils.go line 194)

↘️ content (at utils/testsutils.go line 197)

---

🐸 JFrog Frogbot

[github-actions]

file

at scanrepository/scanrepository_test.go (line 768)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile(fmt.Sprintf("%s.tar.gz", projectName)) (at scanrepository/scanrepository_test.go line 766)

↘️ file (at scanrepository/scanrepository_test.go line 766)

↘️ file (at scanrepository/scanrepository_test.go line 768)

---

🐸 JFrog Frogbot

[github-actions]

repoFile

at scanpullrequest/scanpullrequest_test.go (line 1401)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile(filepath.Join("..", params.RepoName, "sourceBranch.gz")) (at scanpullrequest/scanpullrequest_test.go line 1399)

↘️ repoFile (at scanpullrequest/scanpullrequest_test.go line 1399)

↘️ repoFile (at scanpullrequest/scanpullrequest_test.go line 1401)

---

🐸 JFrog Frogbot

[github-actions]

repoFile

at scanpullrequest/scanpullrequest_test.go (line 1408)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile(filepath.Join("..", params.RepoName, "targetBranch.gz")) (at scanpullrequest/scanpullrequest_test.go line 1406)

↘️ repoFile (at scanpullrequest/scanpullrequest_test.go line 1406)

↘️ repoFile (at scanpullrequest/scanpullrequest_test.go line 1408)

---

🐸 JFrog Frogbot

[github-actions]

comments

at scanpullrequest/scanpullrequest_test.go (line 1415)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile(filepath.Join("..", "commits.json")) (at scanpullrequest/scanpullrequest_test.go line 1413)

↘️ comments (at scanpullrequest/scanpullrequest_test.go line 1413)

↘️ comments (at scanpullrequest/scanpullrequest_test.go line 1415)

---

🐸 JFrog Frogbot

[github-actions]

discussions

at scanpullrequest/scanpullrequest_test.go (line 1450)

🎯 Static Application Security Testing (SAST) Vulnerability

Severity	Finding
Medium	Untrusted stored value is included in web page content

Full description

Vulnerability Details

Rule ID:	go-stored-xss

Overview

Stored Cross-Site Scripting (XSS) is a type of vulnerability where malicious
scripts are injected into a web application and stored in a persistent state,
such as a database. When other users access the affected page, the stored
scripts are executed in their browsers, leading to various attacks.

Vulnerable example

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
    fmt.Fprintf(w, "<h1>%s</h1>", message)
}

In this example, the serveMessage function retrieves a message from the
database and directly embeds it into an HTML response without proper escaping.
If the message contains malicious scripts, it can lead to Stored XSS attacks
when other users view the page.

Remediation

To mitigate Stored XSS vulnerabilities, always sanitize and encode user
input before storing it in a persistent state and before displaying it
to other users:

func serveMessage(w http.ResponseWriter, r *http.Request) {
    db, _ := sql.Open("sqlite3", "test.db")
    message := db.QueryRow("SELECT message FROM messages WHERE id = 1")
-   fmt.Fprintf(w, "<h1>%s</h1>", message)
+   fmt.Fprintf(w, "<h1>%s</h1>", html.EscapeString(message))
}

In the remediation, we've used the html.EscapeString function to escape
the message before embedding it into the HTML response. This helps prevent
the execution of malicious scripts and mitigates the Stored XSS vulnerability.

Code Flows

Vulnerable data flow analysis result

↘️ os.ReadFile(filepath.Join("..", "list_merge_request_discussion_items.json")) (at scanpullrequest/scanpullrequest_test.go line 1448)

↘️ discussions (at scanpullrequest/scanpullrequest_test.go line 1448)

↘️ discussions (at scanpullrequest/scanpullrequest_test.go line 1450)

---

🐸 JFrog Frogbot