[Bug] Perpetual Warnings on TAXII Server Response due to Pagination Issues in mitreattack-python #139

Open
seansica opened this issue Aug 28, 2023 · 0 comments
Labels
bug Something isn't working

Bug Description

When you run the following code (as provided in our reference documentation here):

from mitreattack.navlayers import Layer
from mitreattack.navlayers import ToSvg, SVGConfig

lay = Layer()
lay.from_file("path/to/layer/file.json")
# Using taxii server for template
t = ToSvg(domain=lay.layer.domain, source='taxii')
t.to_svg(layerInit=lay, filepath="demo.svg")
# Using local stix data for template

The following warnings are reported ad infinitum (in a perpetual loop):

[taxii2client.v20] [WARNING ] [2023-08-28 12:44:57,819] TAXII Server Response did not include 'Content-Range' header - results could be incomplete.
[taxii2client.v20] [WARNING ] [2023-08-28 12:44:57,820] TAXII Server Response with different amount of objects! Setting per_request=1
[taxii2client.v20] [WARNING ] [2023-08-28 12:45:00,746] TAXII Server Response did not include 'Content-Range' header - results could be incomplete.
[taxii2client.v20] [WARNING ] [2023-08-28 12:45:00,747] TAXII Server Response with different amount of objects! Setting per_request=1
[taxii2client.v20] [WARNING ] [2023-08-28 12:45:05,395] TAXII Server Response did not include 'Content-Range' header - results could be incomplete.
[taxii2client.v20] [WARNING ] [2023-08-28 12:45:05,396] TAXII Server Response with different amount of objects! Setting per_request=1

Context

The error stems from MITRE's TAXII 2.0 server not being fully compliant with the TAXII 2.0 spec, specifically in that it omits the Content-Range header in HTTP responses. The mitreattack-python code uses a third-party library (provided by OASIS) to interface with the TAXII server: cti-taxii-client. This is not maintained by us. You can actually see how those warnings are being logged here. This discrepancy is due to our TAXII 2.0 server implementation not supporting pagination.

However, it’s unusual that the mitreattack-python API is setting pagination on these downstream requests (as observed by the per_request=1 string in the above logs), so we’re investigating that.

Possible Solution

  1. Implement pagination on the TAXII 2.0 server. This is unlikely given the age and projected lifespan of the server.
  2. Identify the source of where per_request=1 is getting set and either unset it or set it to zero to effectively disable pagination.
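
The failure mode described in this issue, as an added example that is not code from the issue, mitreattack-python or cti-taxii-client: a pager for TAXII 2.0's `items first-last/total` Content-Range format that stops after one request when the header is absent instead of shrinking the page size and asking again. All names (`parse_content_range`, `fetch_all`, the two stand-in servers) and the sample objects are hypothetical and constructed for illustration.

```python
import re

# TAXII 2.0 paginates with HTTP Range semantics: "Content-Range: items 0-49/120".
_CONTENT_RANGE = re.compile(r"^items (\d+)-(\d+)/(\d+)$")


def parse_content_range(headers):
    """Return (first, last, total), or None when the header is absent."""
    value = headers.get("Content-Range")
    if value is None:
        return None
    match = _CONTENT_RANGE.match(value.strip())
    if match is None:
        raise ValueError(f"malformed Content-Range: {value!r}")
    first, last, total = map(int, match.groups())
    if last < first or last >= total:
        raise ValueError(f"inconsistent Content-Range: {value!r}")
    return first, last, total


def fetch_all(get_page, per_request=50, max_requests=1000):
    """Collect every object; get_page(start, per_request) -> (headers, objects)."""
    collected, start, requests = [], 0, 0
    while requests < max_requests:
        headers, objects = get_page(start, per_request)
        requests += 1
        collected.extend(objects)
        content_range = parse_content_range(headers)
        if content_range is None:
            # No pagination support: this body is all the server will send, so stop.
            return collected, requests
        _, last, total = content_range
        if not objects or last + 1 >= total:
            return collected, requests
        start = last + 1
    raise RuntimeError("pagination did not finish within max_requests")


OBJECTS = [{"id": f"constructed-{n}"} for n in range(120)]  # constructed sample data


def paginating_server(start, per_request):
    """Constructed stand-in for a server that honours the requested range."""
    page = OBJECTS[start:start + per_request]
    last = start + len(page) - 1
    return {"Content-Range": f"items {start}-{last}/{len(OBJECTS)}"}, page


def non_paginating_server(start, per_request):
    """Constructed stand-in: ignores the range and sends no Content-Range."""
    return {}, list(OBJECTS)
```

The `max_requests` bound is a second guard: a server that returns a Content-Range header but never advances still cannot hold the client in a loop indefinitely.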