upgrade cyberchef and prevent %3C in urls (arkime#2821)

CHANGELOG

@@ -32,6 +32,8 @@ NOTICE: Cross-cluster Shortcuts require you to not restart all your viewers at o
 NOTICE: Create a parliament config file before upgrading (see https://arkime.com/settings#parliament and https://arkime.com/faq#how_do_i_upgrade_to_arkime_5)
 
 5.2.1 2024/06/xx
+## Release
+  - #2821 CyberChef 10.18.6
 ## Capture
   - #2820 fix puny dns entries missing from all list sometimes
 ## Viewer

release/new_cyber_chef.pl

@@ -18,6 +18,16 @@
 my $html = do { local $/; <$fh> };
 close($fh);
 
+my $beforescript = q|
+<script>
+    let safehref = window.location.href.replace(/%3[cC]/g, '%26lt;');
+    if (window.location.href !== safehref) {
+      console.log("Hacker", window.location.href, safehref);
+      window.location.href = safehref;
+    }
+</script>
+|;
+
 my $script = q|
   <script>
     let href = window.location.href;
@@ -77,6 +87,7 @@
 $html =~ s|</body>|$script</body>|;
 
 open my $fh, '>', "cyberchef.html" or die "Can't open file $!";
+print $fh $beforescript;
 print $fh $html;
 print $fh "\n";
 close $fh;

viewer/Makefile.in

@@ -21,7 +21,7 @@ install:
 	$(INSTALL) *.js package.json package-lock.json $(VIEWERDIR)
 	npm ci
 	npm run $(INSTALL_BUNDLE)
-	(cd public ; wget -N https://github.com/gchq/CyberChef/releases/download/v10.18.3/CyberChef_v10.18.3.zip)
+	(cd public ; wget -N https://github.com/gchq/CyberChef/releases/download/v10.18.6/CyberChef_v10.18.6.zip)
 	$(CP) -pr views public $(VIEWERDIR)
 	$(CP) -pr vueapp/dist "$(VIEWERDIR)/vueapp"
 	(cd $(VIEWERDIR) ; npm ci --production)

viewer/internals.js

@@ -18,7 +18,7 @@ const ArkimeConfig = require('../common/arkimeConfig');
 const internals = {
   isProduction: false,
   multiES: false,
-  CYBERCHEFVERSION: '10.18.3',
+  CYBERCHEFVERSION: '10.18.6',
   httpAgent: new http.Agent({ keepAlive: true, keepAliveMsecs: 5000, maxSockets: 40 }),
   previousNodesStats: [],
   caTrustCerts: new Map(),