zap - ZAProxy Jenkins plug in how to configure browser for ajax spider -

-

i started using zap proxy plug-in jenkins. using zap version 2.5.0. have managed configure plug-in in jenkins. there way can choose different browser ajax spider url(instead of default firefox)? in standalone version of zap, there option choose different browsers.

if use firefox(version 49) getting following error. while running jenkins planing use phantomjs or htmlunit.

--------------------------------------------------------------------    status spider = running     alerts number =         apiresponseelement numberofalerts = 92      org.openqa.selenium.firefox.notconnectedexception: unable connect host 127.0.0.1 on port 7055 after 45000 ms. firefox console output:     xpi debug   updating database changes installed add-ons     1478780397489   addons.xpi-utils    debug   updating add-on states     1478780397490   addons.xpi-utils    debug   writing add-ons list     1478780397494   addons.xpi  debug   registering manifest c:\program files (x86)\mozilla firefox\browser\features\e10srollout@mozilla.org.xpi     1478780397495   addons.xpi  debug   calling bootstrap method startup on e10srollout@mozilla.org version 1.3     1478780397495   addons.xpi  debug   registering manifest c:\program files (x86)\mozilla firefox\browser\features\firefox@getpocket.com.xpi     1478780397495   addons.xpi  debug   calling bootstrap method startup on firefox@getpocket.com version 1.0.4     1478780397496   addons.xpi  debug   registering manifest c:\program files (x86)\mozilla firefox\browser\features\webcompat@mozilla.org.xpi     1478780397497   addons.xpi  debug   calling bootstrap method startup on webcompat@mozilla.org version 1.0     1478780397499   addons.manager  debug   registering shutdown blocker xpiprovider     1478780397499   addons.manager  debug   provider finished startup: xpiprovider     1478780397499   addons.manager  debug   starting provider: lightweightthememanager     1478780397499   addons.manager  debug   registering shutdown blocker lightweightthememanager     1478780397499   addons.manager  debug   provider finished startup: lightweightthememanager     1478780397500   addons.manager  debug   starting provider: gmpprovider     1478780397520   addons.manager  debug   registering shutdown blocker gmpprovider     1478780397520   addons.manager  debug   provider finished startup: gmpprovider     1478780397521   addons.manager  debug   starting provider: pluginprovider     1478780397521   addons.manager  debug   registering shutdown blocker pluginprovider     1478780397522   addons.manager  debug   provider finished startup: pluginprovider     1478780397522   addons.manager  debug   completed startup sequence     1478780400822   addons.manager  debug   starting provider: <unnamed-provider>     1478780400822   addons.manager  debug   registering shutdown blocker <unnamed-provider>     1478780400823   addons.manager  debug   provider finished startup: <unnamed-provider>     1478780403674   deferredsave.extensions.json    debug   write succeeded     1478780403674   addons.xpi-utils    debug   xpi database saved, setting schema version preference 17     1478780403674   deferredsave.extensions.json    debug   starting timer     1478780403695   addons.repository   debug   no addons.json found.     1478780403706   deferredsave.addons.json    debug   save changes     1478780403726   deferredsave.addons.json    debug   starting timer     1478780404682   addons.manager  debug   starting provider: previousexperimentprovider     1478780404682   addons.manager  debug   registering shutdown blocker previousexperimentprovider     1478780404683   addons.manager  debug   provider finished startup: previousexperimentprovider     1478780404687   deferredsave.extensions.json    debug   starting write     1478780404737   deferredsave.addons.json    debug   starting write     1478780404994   deferredsave.extensions.json    debug   write succeeded     1478780405052   deferredsave.addons.json    debug   write succeeded     1478780419483   addons.xpi  debug   calling bootstrap method shutdown on e10srollout@mozilla.org version 1.3     1478780419483   addons.xpi  debug   calling bootstrap method shutdown on firefox@getpocket.com version 1.0.4     1478780419483   addons.xpi  debug   calling bootstrap method shutdown on webcompat@mozilla.org version 1.0     1478780420249   addons.manager  debug   shutdown     1478780420250   addons.manager  debug   calling shutdown blocker xpiprovider     1478780420250   addons.xpi  debug   shutdown     1478780420250   addons.xpi-utils    debug   shutdown     1478780420251   addons.manager  debug   calling shutdown blocker lightweightthememanager     1478780420251   addons.manager  debug   calling shutdown blocker gmpprovider     1478780420253   addons.manager  debug   calling shutdown blocker pluginprovider     1478780420254   addons.manager  debug   calling shutdown blocker <unnamed-provider>     1478780420255   addons.manager  debug   calling shutdown blocker previousexperimentprovider     1478780420258   addons.xpi  debug   notifying xpi shutdown observers     1478780420261   addons.manager  debug   async provider shutdown done          @ org.openqa.selenium.firefox.internal.newprofileextensionconnection.start(newprofileextensionconnection.java:112)         @ org.openqa.selenium.firefox.firefoxdriver.startclient(firefoxdriver.java:271)         @ org.openqa.selenium.remote.remotewebdriver.<init>(remotewebdriver.java:119)         @ org.openqa.selenium.firefox.firefoxdriver.<init>(firefoxdriver.java:218)         @ org.openqa.selenium.firefox.firefoxdriver.<init>(firefoxdriver.java:211)         @ org.openqa.selenium.firefox.firefoxdriver.<init>(firefoxdriver.java:129)         @ org.zaproxy.zap.extension.selenium.extensionselenium.getwebdriverimpl(extensionselenium.java:241)         @ org.zaproxy.zap.extension.selenium.extensionselenium.getwebdriver(extensionselenium.java:224)         @ org.zaproxy.zap.extension.spiderajax.spiderthread$ajaxspiderbrowserbuilder.get(spiderthread.java:358)         @ org.zaproxy.zap.extension.spiderajax.spiderthread$ajaxspiderbrowserbuilder.get(spiderthread.java:329)         @ com.google.inject.util.providers$3.get(providers.java:109)         @ com.google.inject.internal.internalfactorytoprovideradapter.get(internalfactorytoprovideradapter.java:40)         @ com.google.inject.internal.singleparameterinjector.inject(singleparameterinjector.java:38)         @ com.google.inject.internal.singleparameterinjector.getall(singleparameterinjector.java:62)         @ com.google.inject.internal.constructorinjector.construct(constructorinjector.java:84)         @ com.google.inject.internal.constructorbindingimpl$factory.get(constructorbindingimpl.java:254)         @ com.google.inject.internal.singleparameterinjector.inject(singleparameterinjector.java:38)         @ com.google.inject.internal.singleparameterinjector.getall(singleparameterinjector.java:62)         @ com.google.inject.internal.constructorinjector.construct(constructorinjector.java:84)         @ com.google.inject.internal.constructorbindingimpl$factory.get(constructorbindingimpl.java:254)         @ com.google.inject.internal.singleparameterinjector.inject(singleparameterinjector.java:38)         @ com.google.inject.internal.singleparameterinjector.getall(singleparameterinjector.java:62)         @ com.google.inject.internal.constructorinjector.construct(constructorinjector.java:84)         @ com.google.inject.internal.constructorbindingimpl$factory.get(constructorbindingimpl.java:254)         @ com.google.inject.internal.injectorimpl$4$1.call(injectorimpl.java:978)         @ com.google.inject.internal.injectorimpl.callincontext(injectorimpl.java:1024)         @ com.google.inject.internal.injectorimpl$4.get(injectorimpl.java:974)         @ com.crawljax.core.crawlcontroller.call(crawlcontroller.java:65)         @ com.crawljax.core.crawljaxrunner.call(crawljaxrunner.java:37)         @ org.zaproxy.zap.extension.spiderajax.spiderthread.run(spiderthread.java:196)         @ java.lang.thread.run(unknown source)     55912 [thread-8] warn org.zaproxy.zap.extension.spiderajax.spiderthread  - failed start browser firefox     com.google.inject.provisionexception: guice provision errors:

the existing zaproxy-plugin stop being distributed allow existing users of plugin use current version. plugin long abandoned , far know didn't produce 1 1 results ui (from own testing). furthermore never official zap plugin rather made users.

an official owasp zed attack proxy jenkins plugin coming soon, i'm lead developer on project. check jenkins marketplace next week or zap blogs more information next week.

to answer questions in regards official plugin.

is there way can choose different browser ajax spider url(instead of default firefox)? not @ moment, supports firefox.

i use firefox(version 49) should not use latest , greatest version of firefox, third party open source software takes time catch up. having said that, use firefox 46 , have no issues. see here more details on supported browsers.

p.s. note future, useful post version of plugin you're using.

edit: firefox default, it's possible change browser through command line though.

-config ajaxspider.browserid=htmlunit -config ajaxspider.browserid=phantomjs

if work , won't cause issues either old zaproxy-plugin or new one, don't know.


Comments

Post a Comment

Popular posts from this blog

php - How to display all orders for a single product showing the most recent first? Woocommerce -

-
i have password protected page on frontend. on page, want display full list of purchases associated single woocommerce product id. option 1: i've looked through woocommerce docs , , found: wc_cli_order , list_( $args, $assoc_args ) function lists orders. presumably, orders can filtered product id [--=] filter orders based on order property. line item fields (numeric array, started index zero): line_items.0.product_id option 2: i found article , based on customer id. i've modified code based on guesses meta_key , meta_value. $customer_orders = get_posts( array( 'numberposts' => -1, 'meta_key' => '_product', 'meta_value' => get_product_id(), 'post_type' => wc_get_order_types(), 'post_status' => array_keys( wc_get_order_statuses() ), ) ); how display orders single product showing recent order first? here solution put based on these articles: http://www.w...
Read more

asp.net - How to correctly use QUERY_STRING in ISAPI rewrite? -

-
i'm having difficult time , hope guys can help. using helicon isapi rewrite version 3.1.0.104 on our iis server. edit http.conf file , have tried , still fail. this trying do: redirect url: https://www.domain.com/switch-by-version?version=2.8.5.2594 to: https://test.domain.com/load/load.aspx?tver=2.8.5.2594 the version number @ end source url change, , need target url have same version number @ end of url example above shows. i tried following not work: rewritecond %{query_string} ^version=(\d\d?)\.(\d\d?)\.(\d\d?)\.(.*)$ [nc] rewriterule ^/switch-by-version(.*)$ https://test.domain.com/load/load.aspx?tver=%1 [r=307,nc,l] any appreciated! thanks. if it's running in equivalent context of .htaccess , rule shouldn't start / . here's simpler version: rewritecond %{query_string} ^version=(\d+\.\d+\.\d+(?:\..+)?)$ [nc] rewriterule ^switch-by-version/?$ https://test.domain.com/load/load.aspx?tver=%1 [r=307,nc,l]
Read more

angularjs - How restrict admin panel using in backend laravel and admin panel on angular? -

-
https://scotch.io/tutorials/token-based-authentication-for-angularjs-and-laravel-apps following tutorials, try write authentication restrict admin panel, didn't understood how can that. this admin panel, admin panel don't want show , request database unauthenticated users. my laravel-routes route::get('/admin',function(){ return view('index'); }); route::get('/api/v1/employees/{id?}', 'employees@index'); route::get('/api/v1/users/{id?}', 'employees@users'); route::post('/api/v1/employees', 'employees@store'); route::post('/api/v1/employees/{id}', 'employees@update'); route::delete('/api/v1/employees/{id}', 'employees@destroy'); route::group(['prefix' => 'api'], function() { route::resource('authenticate', 'authenticatecontroller', ['only' => ['index']]); route::post('authenticate', 'authentic...
Read more