Add Search on Local or Remote MISP Instance about mitaka HOT 6 CLOSED

Hello,

The MISP API is very simple to use :

Request is like this :
curl -X POST -k -H 'Accept: application/json' -H 'Authorization: API Key' -H 'Content-Type: application/json' -i 'https://URL/attributes/restSearch' --data '{"value":"foobar"}'

Mandatory parameters :

• API Key (can be setup by user like VT API Key)

• URL (can be setup by user like VT API Key)

• value can be anything no need to specify the type like IP or URL or Domain.

Hope it helps :)

from mitaka.

Postman doesn't use native cURL. It uses XHR and requires wild-card permissions.

    "permissions":["cookies", "storage", "http://*/*", "https://*/*"],

from mitaka.

Thank you for giving a feature request.

Could you give more detailed information?
(Please refer to #164. This kind of information is useful for implementation.)

from mitaka.

Thanks. I think there are 2 issues for implementing the feature.

1. Mitaka is a Chrome extension which opens a website based on a search/scan action.

   • POST /attributes/restSearch returns a JSON response. It doesn't include a URL to a search result page.
   • It’s possible to show a notification based on the JSON but it’s off the rails IMO.

2. Cross-Origin XMLHttpRequest

   • Chrome extension(content scripts) is subject to the Same-origin policy.
     • ref. https://developer.chrome.com/extensions/xhr
   • Sending HTTP request to MISP instances is also subject to the restriction.
   • It’s possible to set a wild-card permission (e.g. https://*) but I don’t like that because of security concerns.

Do you have any ideas to figure out these issue?

from mitaka.

Hello,

If you're using XHR yes we will have a problem with the SOP and CORS, but is it possible to do a CURL POST like postman or something else ?
In this case we don't have any origin, just an API call to the MISP server.

from mitaka.

Close this issue because it seems like there is no solution to solve the FR.

from mitaka.