zap-extensions icon indicating copy to clipboard operation
zap-extensions copied to clipboard

Published 20 hours ago verified publisher icon zaproxy

ascanrules: Path Traversal add details for dir match Alerts & reduce FPs

Open kingthorin opened this issue 4 months ago • 7 comments

Overview

  • CHANGELOG > Added change note.
  • Message.properties > Added key/value pair supporting the new Alert details.
  • PathTraversalScanRule > Updated to include Other Info on Alerts when applicable, and pre-check the original message response to reduce false positives.
  • PathTraversalScanRuleUnitTest > Updated to assert Other Info or lack thereof where applicable, also assure appropriate skipping due to pre-conditions.

Related Issues

  • Fixes zaproxy/zaproxy#8379

Checklist

  • [na] Update help
  • [x] Update changelog
  • [x] Run ./gradlew spotlessApply for code formatting
  • [x] Write tests
  • [x] Check code coverage
  • [x] Sign-off commits
  • [x] Squash commits
  • [x] Use a descriptive title

kingthorin avatar Oct 17 '24 13:10 kingthorin