Fix/security alert

[v-federicoar]

Summary

This PR modernizes the Bicep infrastructure definitions by updating Azure resource API versions to newer 2025-2026 versions and applies compatibility fixes required by the updated schemas. It also includes a security fix that sanitizes untrusted chat input before logging to prevent log forging.

What changed

• Updated API versions across infrastructure modules in infra-as-code/bicep and infra-as-code/bicep/modules.
• Warning-related updates include:
  • BCP036: Changed hostingMode from default to Default in ai-search.bicep.
  • BCP037: Kept the valid capabilityHostKind property in ai-foundry-project.bicep and suppressed the schema warning with a #disable-next-line BCP037 directive, matching the existing repo convention.
  • Web App schema warning compatibility: replaced deprecated VNet routing flags with outboundVnetRouting in web-app.bicep.

Security

• Sanitized untrusted chat input before logging in website/chatui/Controllers/ChatController.cs to prevent log forging via newline and control characters. Carriage returns and line feeds are escaped, and other control characters are replaced before the prompt is written to the log.

[Copilot]

Pull request overview

This PR carries two loosely related changes. Its title references a "security alert" fix, which is implemented in ChatController.cs by sanitizing untrusted user input before logging (preventing log forging / log injection via newline and control characters). The bulk of the diff, however, modernizes the Bicep infrastructure-as-code by bumping Azure resource API versions to newer 2025–2026 versions across the workload, plus a few schema-compatibility adjustments those newer versions require.

Changes:

• Add SanitizeForLog in ChatController.cs and route the logged prompt through it to mitigate log forging.
• Bump Azure resource API versions consistently across infra-as-code/bicep and infra-as-code/bicep/modules (Network, Storage, Key Vault, Cognitive Services, Search, Cosmos DB, Web, Managed Identity).
• Apply schema-compatibility edits: outboundVnetRouting replaces the deprecated per-flag VNet routing properties (web-app.bicep), hostingMode casing change (ai-search.bicep), and removal of capabilityHostKind (ai-foundry-project.bicep).

Reviewed changes

Copilot reviewed 17 out of 18 changed files in this pull request and generated 2 comments.

Show a summary per file

File	Description
website/chatui/Controllers/ChatController.cs	Adds log-input sanitization to prevent log forging; this is the actual security fix.
infra-as-code/bicep/web-app.bicep	Bumps API versions and replaces deprecated VNet routing flags with outboundVnetRouting.
infra-as-code/bicep/web-app-storage.bicep	Bumps VNet/storage/private-endpoint API versions.
infra-as-code/bicep/network.bicep	Bumps VNet, NSG, and route-table API versions.
infra-as-code/bicep/modules/storageAccountRoleAssignment.bicep	Bumps existing storage account API version.
infra-as-code/bicep/modules/keyvaultRoleAssignment.bicep	Bumps existing Key Vault API version.
infra-as-code/bicep/modules/aiSearchRoleAssignment.bicep	Bumps existing AI Search API version.
infra-as-code/bicep/key-vault.bicep	Bumps VNet, Key Vault, and private-endpoint API versions.
infra-as-code/bicep/jump-box.bicep	Bumps VNet, public IP, and Bastion API versions.
infra-as-code/bicep/cosmos-db.bicep	Bumps managed identity, Cosmos DB, and private-endpoint API versions.
infra-as-code/bicep/azure-firewall.bicep	Bumps VNet, public IP, firewall policy/firewall, and route-table API versions.
infra-as-code/bicep/application-gateway.bicep	Bumps VNet, Web, Key Vault, public IP, and App Gateway API versions.
infra-as-code/bicep/ai-search.bicep	Bumps managed identity/Search/private-endpoint versions and changes hostingMode casing.
infra-as-code/bicep/ai-foundry.bicep	Bumps Cognitive Services and private-endpoint API versions.
infra-as-code/bicep/ai-foundry-project.bicep	Bumps several API versions and removes capabilityHostKind from the agent capability host.
infra-as-code/bicep/ai-agent-service-dependencies.bicep	Bumps managed identity API version.
infra-as-code/bicep/ai-agent-blob-storage.bicep	Bumps managed identity/storage/private-endpoint API versions.

Key review notes: API versions were updated consistently across all cross-references with no stale versions left behind, and the outboundVnetRouting mapping looks correct. The two behavioral edits are the riskiest part — I flagged the capabilityHostKind removal (it deviates from this repo's BCP037 keep-and-suppress convention and risks the agent host losing its Agents designation). The hostingMode casing change is plausibly required by the new schema (consistent with the author's BCP036 note), so I did not flag it, but it warrants human validation against a real deployment. Because these changes touch a production baseline reference architecture and depend on Azure API behavior that should be validated by an actual bicep build/deployment, this is best confirmed by a human.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

Pull request overview

Copilot reviewed 17 out of 18 changed files in this pull request and generated no new comments.

[johndowns]

Just one comment here, thank you!

[johndowns]

Do we need something in this version? If not, can we use the latest non-preview version:

Suggested change

	resource agentUserManagedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2025-05-31-preview' existing = {
	resource agentUserManagedIdentity 'Microsoft.ManagedIdentity/userAssignedIdentities@2024-11-30' existing = {

This applies throughout - I haven't flagged all of them.

My general prefernece is:

• If you need a feature in the latest API version, then use it (whether it's preview or not).
• If you don't need a specific version, prefer the latest non-preview version, unless it's a resource that only seems to publish preview versions (there are a handful of those).