Simon Bennetts
Simon Bennetts
@jaywon so the `?name=` path element _is_ under the HUDs control :) Its handled here: https://github.com/zaproxy/zap-hud/blob/develop/src/main/java/org/zaproxy/zap/extension/hud/HudFileProxy.java#L107 We can easily change that part, but we will need to know the difference...
'images' can be a sub folder of the hud top level dir. Are you ok with the top level random path element? If not we'll need core ZAP changes (and...
@jaywon that would be great, we really need this :) TBH I'd forgotten that you were waiting on API changes. Am I right in thinking you needed the URLs to...
Re https://github.com/zaproxy/zap-hud/pull/459#issuecomment-488229956 we will definitely need to set some variables at run time. We will also need to be able to dynamically add content, eg to support optional add-ons that...
Another thought - would it be possible to split this up into multiple PRs, eg closer to one of each of the issues you mention in the first comment? Its...
Ah, so I nearly always run ZAP using Browser Launch. I definitely need to get some unit tests working so that we can test these things automatically. I'll also have...
@dscrobonia by remote browsing I mean ZAP running on one machine and your browser (and therefore the HUD) running on another. You need to configure ZAP to allow it by...
@dvas0004 glad you're looking into this! One quick point - we know the HUD doesnt work for multiple tabs - thats #119 (which @dscrobonia is working on), and we also...
While this could use a ZAP ascan rule I think in this case it would be better if the tool just tried to access the security.txt file directly (if enabled)...
Should probably be a bit more generic, eg to also support https://www.contributejson.org/ and any other similar schemes