Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Kibana shouldn't display warnings which give access to advanced settings in iFrames #110055

Closed
Tracked by #168126
bhavyarm opened this issue Aug 25, 2021 · 2 comments
Closed
Tracked by #168126

Kibana shouldn't display warnings which give access to advanced settings in iFrames #110055

bhavyarm opened this issue Aug 25, 2021 · 2 comments
Labels
bug Fixes for quality problems that affect the customer experience Feature:Embedding Embedding content via iFrame loe:large Large Level of Effort Team:Presentation Presentation Team for Dashboard, Input Controls, and Canvas

Comments

@bhavyarm
Copy link
Contributor

Kibana version: 7.15.0 bc

Elasticsearch version: 7.15.0 bc

Server OS version: darwin_x86_64

Browser version: chrome latest

Browser OS version: OS X

Original install method (e.g. download page, yum, from source, etc.): from staging

Describe the bug: Kibana shouldn't display warnings that give access to advanced settings in iFrames. Because once you kick on iFrames having access means you can click on everything else.

Steps to reproduce:

  1. Turn on legacy chart switch in advanced settings - visualization:visualize:legacyChartsLibrary and go to visualize and create a chart
  2. Click on share and share the viz as an iFrame - create html file with that code
  3. Open the iFrame (do it in firefox so you don't have to set additional settings in kibana.yml)
  4. You see the warning about legacy viz and how to change it in advanced settings
  5. You can click on the advanced setting and boom you can be all over Kibana if you have access

Expected behavior: Don't display warnings in iFrames

Screenshots (if relevant):

access_iFrame.mp4
@bhavyarm bhavyarm added bug Fixes for quality problems that affect the customer experience Feature:Embedding Embedding content via iFrame Team:Presentation Presentation Team for Dashboard, Input Controls, and Canvas labels Aug 25, 2021
@elasticmachine
Copy link
Contributor

Pinging @elastic/kibana-presentation (Team:Presentation)

@bhavyarm bhavyarm mentioned this issue Aug 25, 2021
Closed
@nreese
Copy link
Contributor

nreese commented Mar 23, 2023

Closing, legacy charts library has been removed

@nreese nreese closed this as completed Mar 23, 2023
@ThomThomson ThomThomson mentioned this issue Apr 10, 2023
Open
@ThomThomson ThomThomson added the loe:large Large Level of Effort label Jun 14, 2023
@ThomThomson ThomThomson mentioned this issue Oct 5, 2023
Open
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Fixes for quality problems that affect the customer experience Feature:Embedding Embedding content via iFrame loe:large Large Level of Effort Team:Presentation Presentation Team for Dashboard, Input Controls, and Canvas
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@nreese @bhavyarm @ThomThomson @elasticmachine