From 99fc82a29bb242d57db2f417b1e4dd1ca158ada4 Mon Sep 17 00:00:00 2001 From: thc202 Date: Fri, 12 Jun 2026 11:31:33 +0100 Subject: [PATCH] Update APIs of add-on Update the APIs of the following add-on: - Client Side Integration version 0.27.0. Signed-off-by: thc202 --- CHANGELOG.md | 2 + src/zapv2/client.py | 23 +++++ src/zapv2/clientSpider.py | 186 +++++++++++++++++++++++++++++++++++++- 3 files changed, 210 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d21cb5e..5d97b4a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,8 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). ### Changed - Added support for 'method' parameter on Replacer 'add_rule' +- Update the APIs of the following add-ons: + - Client Side Integration version 0.27.0. ### Fixed - Return the whole response from `alert.alert_counts_by_risk` (Issue 9314). diff --git a/src/zapv2/client.py b/src/zapv2/client.py index 64bbd87..805960a 100644 --- a/src/zapv2/client.py +++ b/src/zapv2/client.py @@ -27,6 +27,22 @@ class client(object): def __init__(self, zap): self.zap = zap + @property + def option_pscan_rules_disabled(self): + """ + Gets the IDs of the disabled client passive scan rules. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'client/view/optionPscanRulesDisabled/'))) + + @property + def option_pscan_enabled(self): + """ + Gets whether or not the client passive scanner is enabled. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'client/view/optionPscanEnabled/'))) + def report_object(self, objectjson, apikey=''): """ This component is optional and therefore the API will only work if it is installed @@ -57,3 +73,10 @@ def export_client_map(self, pathyaml, apikey=''): This component is optional and therefore the API will only work if it is installed """ return six.next(six.itervalues(self.zap._request(self.zap.base + 'client/action/exportClientMap/', {'pathYaml': pathyaml}))) + + def set_option_pscan_enabled(self, boolean, apikey=''): + """ + Sets whether or not the client passive scanner is enabled. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'client/action/setOptionPscanEnabled/', {'Boolean': boolean}))) diff --git a/src/zapv2/clientSpider.py b/src/zapv2/clientSpider.py index 73026d2..70c0f7b 100644 --- a/src/zapv2/clientSpider.py +++ b/src/zapv2/clientSpider.py @@ -34,7 +34,103 @@ def status(self, scanid): """ return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/status/', {'scanId': scanid}))) - def scan(self, browser=None, url=None, contextname=None, username=None, subtreeonly=None, maxcrawldepth=None, pageloadtime=None, numberofbrowsers=None, scopecheck=None, apikey=''): + @property + def option_action_wait_time_in_secs(self): + """ + Gets the action wait time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionActionWaitTimeInSecs/'))) + + @property + def option_browser_id(self): + """ + Gets the browser ID option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionBrowserId/'))) + + @property + def option_initial_load_time_in_secs(self): + """ + Gets the initial page load time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionInitialLoadTimeInSecs/'))) + + @property + def option_max_children(self): + """ + Gets the maximum children option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionMaxChildren/'))) + + @property + def option_max_depth(self): + """ + Gets the maximum crawl depth option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionMaxDepth/'))) + + @property + def option_max_duration(self): + """ + Gets the maximum duration option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionMaxDuration/'))) + + @property + def option_max_scans_in_ui(self): + """ + Gets the maximum scans in the UI option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionMaxScansInUi/'))) + + @property + def option_page_load_time_in_secs(self): + """ + Gets the page load time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionPageLoadTimeInSecs/'))) + + @property + def option_scope_check(self): + """ + Gets the scope check option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionScopeCheck/'))) + + @property + def option_shutdown_time_in_secs(self): + """ + Gets the shutdown time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionShutdownTimeInSecs/'))) + + @property + def option_thread_count(self): + """ + Gets the number of browser windows to open option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionThreadCount/'))) + + @property + def option_logout_avoidance(self): + """ + Gets whether or not the spider avoids clicking logout elements. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/view/optionLogoutAvoidance/'))) + + def scan(self, browser=None, url=None, contextname=None, username=None, subtreeonly=None, maxcrawldepth=None, pageloadtime=None, actionwaittime=None, numberofbrowsers=None, scopecheck=None, logoutavoidance=None, apikey=''): """ Starts a client spider scan. This component is optional and therefore the API will only work if it is installed @@ -54,10 +150,14 @@ def scan(self, browser=None, url=None, contextname=None, username=None, subtreeo params['maxCrawlDepth'] = maxcrawldepth if pageloadtime is not None: params['pageLoadTime'] = pageloadtime + if actionwaittime is not None: + params['actionWaitTime'] = actionwaittime if numberofbrowsers is not None: params['numberOfBrowsers'] = numberofbrowsers if scopecheck is not None: params['scopeCheck'] = scopecheck + if logoutavoidance is not None: + params['logoutAvoidance'] = logoutavoidance return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/scan/', params))) def stop(self, scanid, apikey=''): @@ -66,3 +166,87 @@ def stop(self, scanid, apikey=''): This component is optional and therefore the API will only work if it is installed """ return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/stop/', {'scanId': scanid}))) + + def set_option_browser_id(self, string, apikey=''): + """ + Sets the browser ID option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionBrowserId/', {'String': string}))) + + def set_option_scope_check(self, string, apikey=''): + """ + Sets the scope check option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionScopeCheck/', {'String': string}))) + + def set_option_action_wait_time_in_secs(self, integer, apikey=''): + """ + Sets the action wait time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionActionWaitTimeInSecs/', {'Integer': integer}))) + + def set_option_initial_load_time_in_secs(self, integer, apikey=''): + """ + Sets the initial page load time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionInitialLoadTimeInSecs/', {'Integer': integer}))) + + def set_option_logout_avoidance(self, boolean, apikey=''): + """ + Sets whether or not the spider should avoid clicking logout elements. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionLogoutAvoidance/', {'Boolean': boolean}))) + + def set_option_max_children(self, integer, apikey=''): + """ + Sets the maximum children option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionMaxChildren/', {'Integer': integer}))) + + def set_option_max_depth(self, integer, apikey=''): + """ + Sets the maximum crawl depth option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionMaxDepth/', {'Integer': integer}))) + + def set_option_max_duration(self, integer, apikey=''): + """ + Sets the maximum duration option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionMaxDuration/', {'Integer': integer}))) + + def set_option_max_scans_in_ui(self, integer, apikey=''): + """ + Sets the maximum scans in the UI option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionMaxScansInUi/', {'Integer': integer}))) + + def set_option_page_load_time_in_secs(self, integer, apikey=''): + """ + Sets the page load time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionPageLoadTimeInSecs/', {'Integer': integer}))) + + def set_option_shutdown_time_in_secs(self, integer, apikey=''): + """ + Sets the shutdown time option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionShutdownTimeInSecs/', {'Integer': integer}))) + + def set_option_thread_count(self, integer, apikey=''): + """ + Sets the number of browser windows to open option. + This component is optional and therefore the API will only work if it is installed + """ + return six.next(six.itervalues(self.zap._request(self.zap.base + 'clientSpider/action/setOptionThreadCount/', {'Integer': integer})))