thc202
thc202
I guess this is WIP since only addresses part of the referenced issue?
Please, check this comment as well: https://github.com/zaproxy/zaproxy/pull/6218#issuecomment-727838905 (to make sure it addresses those cases).
This is now closing the issue but it still lacks necessary functionality (most of the points mentioned in https://github.com/zaproxy/zaproxy/pull/6218#issuecomment-727838905).
They are not separate topics, the authentication and session management methods are an integral part of the contexts (see `Context` class, fields `authenticationMethod` and `sessionManagementMethod`). The add-ons can be dynamically...
That's the expected behaviour, status code is not relevant for the count of URLs found. Though ignoring the seeds would probably be more accurate since those are technically not found...
Share your connection settings.
Open ZAP instead of OWASP ZAP (and uninstall the latter).
It was not added because it's not in the HAR spec: http://www.softwareishard.com/blog/har-12-spec/#cookies (Can be added as a custom field though.)
The Fuzzer Processor script might be more appropriate. e.g. https://github.com/zaproxy/community-scripts/tree/main/httpfuzzerprocessor