thc202
thc202
Deprecate all related classes and remove the extension from core functionality, it will be provided by the requester add-on. Address deprecation warnings in other classes. --- WIP pending changes in...
### Describe the bug The script print statements are printed twice to the standard output. ### Steps to reproduce the behavior 1. Run the provided automation plan in command line...
From #2583: > Can you also add for both spiders, the elapsed time so far, and the total time required to complete the scan? To be clear, it would show...
Allow add-ons to dynamically add/remove authentication (e.g. Form-based Authentication, HTTP/NTLM Authentication...) and session management (e.g. Cookie-based Session Management, HTTP Authentication Session Management) methods. The change would allow add-ons to effectively...
Compile the add-ons and helper projects with Java 11. Update Java version in workflows. Remove unnecessary permission checks in some workflows.
Running a scan against `https://cloudflare.com/` with Java 11, which supports TLS 1.3, leads to: ``` Problem fetching certificate. err=java.lang.StringIndexOutOfBoundsException: begin 4, end -1, length 22 com.mps.deepviolet.api.DVException: java.lang.StringIndexOutOfBoundsException: begin 4, end...
The break functionality does not need be in core and being in an add-on allows to enhance/fix it without the need to wait for a full release.
The current API endpoint generates the report to the local file system and it's not possible (through ZAP) to get/download it. https://www.zaproxy.org/docs/desktop/addons/report-generation/api/ Ideally there should be an endpoint that allows...
If for whatever reason the permanent DB can't be loaded the OAST add-on logs many errors as it attempts (and fails) to load it several times (e.g. when creating a...
From zaproxy/community-scripts#127, e.g.: ```JavaScript // Logging with the script name is super helpful! function logger() { print('[' + this['zap.script.name'] + '] ' + arguments[0]); } ``` ZAP should allow to...