Simon Bennetts
Simon Bennetts
If a multipart/form-data POST request is made then it appears in the sites tree as `POST:pagename()(multipart/form-data)` This means that if there are multiple POSTs to the same URL with different...
This may sound unusual but I've actually seen it happen a couple of times. Users manually add the ZAP root cert as 'Servers' cert (maybe others as well?) which means...
If you start FX before your security tool then the corresponding commands arent available in gcli Best option would be polling for the tool to appear, but a warning would...
C/o Bjoern Kimminich WIP as I want to remind myself to look at this and havnt got time right now 😉
ZAP 2.11.1 has been released to remove the dependency on a vulnerable version of Log4j: https://www.zaproxy.org/blog/2021-12-10-zap-and-log4shell/ Does this project need to be changed to pick up this new version? I...
## Description When chalking a docker image on my MacBook chalk creates a chalk-reports.jsonl file with no perms. The next time I run the same command it fails with `ERROR:...
They often seem to fail with flakey pageLoad events - not sure whether this is the browser not sending them or a bug in our code. Also the Firefox tests...
### Describe the bug As per the title. ### Steps to reproduce the behavior This can be tested with a passive script which has an error in. For info standalone...
Implement a client based spider, in the client add-on. Hopefully this can replace the AJAX spider which we know has a set of problems which are very hard for us...
Required for first release? - [x] zaproxy/browser-extension#67 - [x] zaproxy/zap-extensions#4809 Important but not required for first release? - [x] Client events not recorded for Ajax Spider - [ ] Option...