├── assets └── images │ └── ZapNodeApi.png ├── .eslintrc.json ├── .github ├── dependabot.yml └── workflows │ ├── ci.yml │ └── publish.yml ├── .gitignore ├── src ├── retest.js ├── params.js ├── reveal.js ├── soap.js ├── postman.js ├── revisit.js ├── wappalyzer.js ├── forcedUser.js ├── automation.js ├── ruleConfig.js ├── client.js ├── authorization.js ├── sessionManagement.js ├── acsrf.js ├── pnh.js ├── openapi.js ├── accessControl.js ├── clientSpider.js ├── replacer.js ├── authentication.js ├── websocket.js ├── reports.js ├── brk.js ├── stats.js ├── oast.js ├── custompayloads.js ├── exim.js ├── index.js ├── httpSessions.js ├── pscan.js ├── autoupdate.js ├── graphql.js ├── users.js ├── context.js ├── selenium.js ├── script.js ├── alert.js ├── alertFilter.js └── search.js ├── package.json ├── README.md ├── CHANGELOG.md └── LICENSE /assets/images/ZapNodeApi.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/zaproxy/zap-api-nodejs/HEAD/assets/images/ZapNodeApi.png -------------------------------------------------------------------------------- /.eslintrc.json: -------------------------------------------------------------------------------- 1 | { 2 | "env": { 3 | "commonjs": true, 4 | "es2021": true, 5 | "node": true 6 | }, 7 | "extends": "standard", 8 | "overrides": [ 9 | ], 10 | "parserOptions": { 11 | "ecmaVersion": "latest" 12 | }, 13 | "rules": { 14 | } 15 | } 16 | -------------------------------------------------------------------------------- /.github/dependabot.yml: -------------------------------------------------------------------------------- 1 | version: 2 2 | updates: 3 | - package-ecosystem: npm 4 | directory: "/" 5 | schedule: 6 | interval: weekly 7 | open-pull-requests-limit: 10 8 | - package-ecosystem: "github-actions" 9 | directory: "/" 10 | schedule: 11 | interval: "monthly" 12 | groups: 13 | gha: 14 | applies-to: version-updates 15 | patterns: 16 | - "*" 17 | 
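--------------------------------------------------------------------------------
/.github/workflows/ci.yml:
--------------------------------------------------------------------------------
name: CI

on:
  push:
    branches:
      - main
  pull_request:

# Least privilege: the lint job only needs to read the repository contents.
permissions:
  contents: read

jobs:
  eslint:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): both actions are referenced by a mutable major-version tag.
      # Pinning each `uses:` to a full commit SHA keeps a re-tagged release from
      # changing what runs in this job.
      - uses: actions/checkout@v6
      - uses: actions/setup-node@v6
        with:
          node-version: 17
      - run: npm ci

      - name: Run eslint
        run: npm run lint
--------------------------------------------------------------------------------
/.github/workflows/publish.yml:
--------------------------------------------------------------------------------
name: Publish Package

on:
  push:
    tags:
      - v*

permissions:
  id-token: write # Required for OIDC
  contents: read

jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      # NOTE(review): this job can request an OIDC token (`id-token: write`), so the
      # actions below are part of the publishing trust chain; pin them to a full
      # commit SHA rather than a mutable tag.
      - uses: actions/checkout@v6
      - uses: actions/setup-node@v6
        with:
          node-version: 24
          registry-url: 'https://registry.npmjs.org'
      # NOTE(review): `npm ci` runs dependency lifecycle scripts inside the publishing
      # job; `npm ci --ignore-scripts` would keep third-party install scripts out of
      # it, provided no dependency needs them - confirm before changing.
      - run: npm ci
      - run: npm publish
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
# Logs
logs
*.log
npm-debug.log*

# Runtime data
pids
*.pid
*.seed

# Directory for instrumented libs generated by jscoverage/JSCover
lib-cov

# Coverage directory used by tools like istanbul
coverage

# Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
.grunt

# node-waf configuration
.lock-wscript

# Compiled binary addons (http://nodejs.org/api/addons.html)
build/Release

# Dependency directory
node_modules

# Optional npm cache directory
.npm

# Optional REPL history
.node_repl_history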
-------------------------------------------------------------------------------- /src/retest.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 
*/
function Retest (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Sends the `/retest/action/retest/` action to ZAP.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.alertids - forwarded to ZAP as `alertIds` (the caller-side key is all lower-case)
 * @returns {*} the value returned by `this.api.request`
 **/
Retest.prototype.retest = function (args) {
  const { alertids: alertIds } = args
  return this.api.request('/retest/action/retest/', { alertIds })
}

module.exports = Retest
--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
{
  "name": "zaproxy",
  "description": "ZAP API Client for Node.js",
  "version": "2.0.0-rc.7",
  "homepage": "https://github.com/zaproxy/zap-api-nodejs",
  "author": {
    "name": "Najam Ul Saqib",
    "email": "njmulsqb@protonmail.com"
  },
  "repository": {
    "type": "git",
    "url": "https://github.com/zaproxy/zap-api-nodejs.git"
  },
  "bugs": {
    "url": "https://github.com/zaproxy/zap-api-nodejs/issues"
  },
  "licenses": [
    {
      "type": "Apache",
      "url": "https://github.com/zaproxy/zap-api-nodejs/blob/main/LICENSE"
    }
  ],
  "main": "src/index.js",
  "engines": {
    "node": ">=17.0.0"
  },
  "scripts": {
    "lint": "eslint ./src",
    "lint:fix": "eslint --fix ./src"
  },
  "dependencies": {
    "axios": "^1.3.3"
  },
  "keywords": [
    "zaproxy",
    "api",
    "wrapper",
    "security",
    "infosec"
  ],
  "devDependencies": {
    "eslint": "^8.36.0",
    "eslint-config-standard": "^17.0.0",
    "eslint-plugin-import": "^2.27.5",
    "eslint-plugin-n": "^16.0.1",
    "eslint-plugin-promise": "^6.1.1"
  }
}
--------------------------------------------------------------------------------
/src/params.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
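*
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Params (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Shows the parameters for the specified site, or for all sites if the site is not specified
 * @param {Object} [args] - may be omitted entirely to query all sites
 * @param {string} [args.site] - only forwarded to ZAP when truthy
 * @returns {*} the value returned by `this.api.request`
 **/
Params.prototype.params = function (args = {}) {
  // `site` is optional, so a bare `params()` call must not throw on `args.site`.
  const { site } = args
  const query = site ? { site } : {}
  return this.api.request('/params/view/params/', query)
}

module.exports = Params
--------------------------------------------------------------------------------
/src/reveal.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.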
* You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Reveal (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Reports whether hidden fields are shown and disabled fields are enabled
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} the value returned by `this.api.request`
 **/
Reveal.prototype.reveal = function () {
  const endpoint = '/reveal/view/reveal/'
  return this.api.request(endpoint)
}

/**
 * Sets whether hidden fields are shown and disabled fields are enabled
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.reveal
 * @returns {*} the value returned by `this.api.request`
 **/
Reveal.prototype.setReveal = function (args) {
  const { reveal } = args
  return this.api.request('/reveal/action/setReveal/', { reveal })
}

module.exports = Reveal
--------------------------------------------------------------------------------
/src/soap.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Soap (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Import a WSDL definition from local file.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the path is passed to ZAP unchanged; presumably it is resolved on the
 * host running ZAP rather than by this Node process, so callers should not forward
 * unvalidated input here - confirm against the ZAP API documentation.
 * @param {Object} args
 * @param {string} args.file
 * @returns {*} the value returned by `this.api.request`
 **/
Soap.prototype.importFile = function (args) {
  const { file } = args
  return this.api.request('/soap/action/importFile/', { file })
}

/**
 * Import a WSDL definition from a URL.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the URL is passed to ZAP unchanged and the import is performed by ZAP,
 * so the fetch presumably originates from the ZAP host; restrict which URLs callers
 * may supply - confirm against the ZAP API documentation.
 * @param {Object} args
 * @param {string} args.url
 * @returns {*} the value returned by `this.api.request`
 **/
Soap.prototype.importUrl = function (args) {
  const { url } = args
  return this.api.request('/soap/action/importUrl/', { url })
}

module.exports = Soap
--------------------------------------------------------------------------------
/src/postman.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2025 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Postman (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Imports a Postman collection from a file.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the path is passed to ZAP unchanged; presumably it is resolved on the
 * host running ZAP rather than by this Node process, so callers should not forward
 * unvalidated input here - confirm against the ZAP API documentation.
 * @param {Object} args
 * @param {string} args.file - The path to the file to be imported.
 * @returns {*} the value returned by `this.api.request`
 **/
Postman.prototype.importFile = function (args) {
  const { file } = args
  return this.api.request('/postman/action/importFile/', { file })
}

/**
 * Imports a Postman collection from a URL.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the URL is passed to ZAP unchanged and the retrieval is performed by
 * ZAP, so the fetch presumably originates from the ZAP host; restrict which URLs
 * callers may supply - confirm against the ZAP API documentation.
 * @param {Object} args
 * @param {string} args.url - The URL from which to retrieve the collection to be imported.
 * @returns {*} the value returned by `this.api.request`
 **/
Postman.prototype.importUrl = function (args) {
  const { url } = args
  return this.api.request('/postman/action/importUrl/', { url })
}

module.exports = Postman
--------------------------------------------------------------------------------
/src/revisit.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Revisit (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Queries the `/revisit/view/revisitList/` view.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} the value returned by `this.api.request`
 **/
Revisit.prototype.revisitList = function () {
  const endpoint = '/revisit/view/revisitList/'
  return this.api.request(endpoint)
}

/**
 * Sends the `/revisit/action/revisitSiteOn/` action for a site and time window.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.site
 * @param {*} args.starttime - forwarded to ZAP as `startTime`
 * @param {*} args.endtime - forwarded to ZAP as `endTime`
 * @returns {*} the value returned by `this.api.request`
 **/
Revisit.prototype.revisitSiteOn = function (args) {
  const { site, starttime: startTime, endtime: endTime } = args
  return this.api.request('/revisit/action/revisitSiteOn/', { site, startTime, endTime })
}

/**
 * Sends the `/revisit/action/revisitSiteOff/` action for a site.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.site
 * @returns {*} the value returned by `this.api.request`
 **/
Revisit.prototype.revisitSiteOff = function (args) {
  const { site } = args
  return this.api.request('/revisit/action/revisitSiteOff/', { site })
}

module.exports = Revisit
--------------------------------------------------------------------------------
/src/wappalyzer.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Wappalyzer (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Lists all the sites recognized by the Technology Detection add-on.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} the value returned by `this.api.request`
 **/
Wappalyzer.prototype.listSites = function () {
  const endpoint = '/wappalyzer/view/listSites/'
  return this.api.request(endpoint)
}

/**
 * Lists all sites and their associated applications (technologies).
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} the value returned by `this.api.request`
 **/
Wappalyzer.prototype.listAll = function () {
  const endpoint = '/wappalyzer/view/listAll/'
  return this.api.request(endpoint)
}

/**
 * Lists all the applications (technologies) associated with a specific site.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.site
 * @returns {*} the value returned by `this.api.request`
 **/
Wappalyzer.prototype.listSite = function (args) {
  const { site } = args
  return this.api.request('/wappalyzer/view/listSite/', { site })
}

module.exports = Wappalyzer
--------------------------------------------------------------------------------
/src/forcedUser.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
*
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function ForcedUser (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Returns 'true' if 'forced user' mode is enabled, 'false' otherwise
 * @returns {*} the value returned by `this.api.request`
 **/
ForcedUser.prototype.isForcedUserModeEnabled = function () {
  const endpoint = '/forcedUser/view/isForcedUserModeEnabled/'
  return this.api.request(endpoint)
}

/**
 * Gets the user (ID) set as 'forced user' for the given context (ID)
 * @param {Object} args
 * @param {string} args.contextid - forwarded to ZAP as `contextId`
 * @returns {*} the value returned by `this.api.request`
 **/
ForcedUser.prototype.getForcedUser = function (args) {
  const { contextid: contextId } = args
  return this.api.request('/forcedUser/view/getForcedUser/', { contextId })
}

/**
 * Sets the user (ID) that should be used in 'forced user' mode for the given context (ID)
 * @param {Object} args
 * @param {string} args.contextid - forwarded to ZAP as `contextId`
 * @param {string} args.userid - forwarded to ZAP as `userId`
 * @returns {*} the value returned by `this.api.request`
 **/
ForcedUser.prototype.setForcedUser = function (args) {
  const { contextid: contextId, userid: userId } = args
  return this.api.request('/forcedUser/action/setForcedUser/', { contextId, userId })
}

/**
 * Sets if 'forced user' mode should be enabled or not
 * @param {Object} args
 * @param {string} args.bool - forwarded to ZAP under the key `boolean`
 * @returns {*} the value returned by `this.api.request`
 **/
ForcedUser.prototype.setForcedUserModeEnabled = function (args) {
  const payload = { boolean: args.bool }
  return this.api.request('/forcedUser/action/setForcedUserModeEnabled/', payload)
}

module.exports = ForcedUser
--------------------------------------------------------------------------------
/src/automation.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
*/
function Automation (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Returns the progress details for the specified planId
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.planid - forwarded to ZAP as `planId`
 * @returns {*} the value returned by `this.api.request`
 **/
Automation.prototype.planProgress = function (args) {
  const { planid: planId } = args
  return this.api.request('/automation/view/planProgress/', { planId })
}

/**
 * Loads and asynchronously runs the plan in the specified file, returning a planId
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the path is passed to ZAP unchanged; presumably it is resolved on the
 * host running ZAP, and the plan it names decides what ZAP then does, so callers
 * should only pass paths to plans they control - confirm against the ZAP API docs.
 * @param {Object} args
 * @param {string} args.filepath - forwarded to ZAP as `filePath`
 * @returns {*} the value returned by `this.api.request`
 **/
Automation.prototype.runPlan = function (args) {
  const { filepath: filePath } = args
  return this.api.request('/automation/action/runPlan/', { filePath })
}

/**
 * Stops the running plan identified by the planId
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.planid - forwarded to ZAP as `planId`
 * @returns {*} the value returned by `this.api.request`
 **/
Automation.prototype.stopPlan = function (args) {
  const { planid: planId } = args
  return this.api.request('/automation/action/stopPlan/', { planId })
}

/**
 * Ends the currently running delay job, if any
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} the value returned by `this.api.request`
 **/
Automation.prototype.endDelayJob = function () {
  const endpoint = '/automation/action/endDelayJob/'
  return this.api.request(endpoint)
}

module.exports = Automation
--------------------------------------------------------------------------------
/src/ruleConfig.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
*
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function RuleConfig (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Show the specified rule configuration
 * @param {Object} args
 * @param {string} args.key
 * @returns {*} the value returned by `this.api.request`
 **/
RuleConfig.prototype.ruleConfigValue = function (args) {
  const { key } = args
  return this.api.request('/ruleConfig/view/ruleConfigValue/', { key })
}

/**
 * Show all of the rule configurations
 * @returns {*} the value returned by `this.api.request`
 **/
RuleConfig.prototype.allRuleConfigs = function () {
  const endpoint = '/ruleConfig/view/allRuleConfigs/'
  return this.api.request(endpoint)
}

/**
 * Reset the specified rule configuration, which must already exist
 * @param {Object} args
 * @param {string} args.key
 * @returns {*} the value returned by `this.api.request`
 **/
RuleConfig.prototype.resetRuleConfigValue = function (args) {
  const { key } = args
  return this.api.request('/ruleConfig/action/resetRuleConfigValue/', { key })
}

/**
 * Reset all of the rule configurations
 * @returns {*} the value returned by `this.api.request`
 **/
RuleConfig.prototype.resetAllRuleConfigValues = function () {
  const endpoint = '/ruleConfig/action/resetAllRuleConfigValues/'
  return this.api.request(endpoint)
}

/**
 * Set the specified rule configuration, which must already exist
 * @param {Object} args
 * @param {string} args.key
 * @param {string} [args.value] - only forwarded when truthy, so `''` and a numeric `0` are omitted from the request
 * @returns {*} the value returned by `this.api.request`
 **/
RuleConfig.prototype.setRuleConfigValue = function (args) {
  const { key, value } = args
  const params = { key }
  if (value) {
    params.value = value
  }
  return this.api.request('/ruleConfig/action/setRuleConfigValue/', params)
}

module.exports = RuleConfig
--------------------------------------------------------------------------------
/src/client.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2025 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
*/
function Client (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Sends the `/client/action/reportObject/` action.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.objectjson - forwarded to ZAP as `objectJson` (presumably a JSON-encoded string - confirm)
 * @returns {*} the value returned by `this.api.request`
 **/
Client.prototype.reportObject = function (args) {
  const { objectjson: objectJson } = args
  return this.api.request('/client/action/reportObject/', { objectJson })
}

/**
 * Sends the `/client/action/reportEvent/` action.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.eventjson - forwarded to ZAP as `eventJson` (presumably a JSON-encoded string - confirm)
 * @returns {*} the value returned by `this.api.request`
 **/
Client.prototype.reportEvent = function (args) {
  const { eventjson: eventJson } = args
  return this.api.request('/client/action/reportEvent/', { eventJson })
}

/**
 * Sends the `/client/action/reportZestStatement/` action.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.statementjson - forwarded to ZAP as `statementJson` (presumably a JSON-encoded string - confirm)
 * @returns {*} the value returned by `this.api.request`
 **/
Client.prototype.reportZestStatement = function (args) {
  const { statementjson: statementJson } = args
  return this.api.request('/client/action/reportZestStatement/', { statementJson })
}

/**
 * Sends the `/client/action/reportZestScript/` action.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {*} args.scriptjson - forwarded to ZAP as `scriptJson` (presumably a JSON-encoded string - confirm)
 * @returns {*} the value returned by `this.api.request`
 **/
Client.prototype.reportZestScript = function (args) {
  const { scriptjson: scriptJson } = args
  return this.api.request('/client/action/reportZestScript/', { scriptJson })
}

/**
 * Exports the Client Map to a file.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): the path is passed to ZAP unchanged; presumably the file is written on
 * the host running ZAP, so callers should not forward unvalidated input here, and
 * should check whether an existing file at that path is overwritten - confirm
 * against the ZAP API documentation.
 * @param {Object} args
 * @param {string} args.pathyaml - The file system path to the file (forwarded as `pathYaml`).
 * @returns {*} the value returned by `this.api.request`
 **/
Client.prototype.exportClientMap = function (args) {
  const { pathyaml: pathYaml } = args
  return this.api.request('/client/action/exportClientMap/', { pathYaml })
}

module.exports = Client
--------------------------------------------------------------------------------
/src/authorization.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
*
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Authorization (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Obtains all the configuration of the authorization detection method that is currently set for a context.
 * @param {Object} args
 * @param {string} args.contextid - forwarded to ZAP as `contextId`
 * @returns {*} the value returned by `this.api.request`
 **/
Authorization.prototype.getAuthorizationDetectionMethod = function (args) {
  const { contextid: contextId } = args
  return this.api.request('/authorization/view/getAuthorizationDetectionMethod/', { contextId })
}

/**
 * Sets the authorization detection method for a context as one that identifies un-authorized messages based on: the message's status code or a regex pattern in the response's header or body. Also, whether all conditions must match or just some can be specified via the logicalOperator parameter, which accepts two values: "AND" (default), "OR".
* @param {string} contextid
 * @param {string} headerregex
 * @param {string} bodyregex
 * @param {string} statuscode
 * @param {string} logicaloperator
 * @returns {*} the value returned by `this.api.request`
 **/
Authorization.prototype.setBasicAuthorizationDetectionMethod = function (args) {
  // Caller-side (lower-case) key -> request parameter name, in the order the
  // parameters are added to the request. Only `contextId` is always sent.
  const optionalKeys = [
    ['headerregex', 'headerRegex'],
    ['bodyregex', 'bodyRegex'],
    ['statuscode', 'statusCode'],
    ['logicaloperator', 'logicalOperator']
  ]
  const params = { contextId: args.contextid }
  for (const [argKey, requestKey] of optionalKeys) {
    const supplied = args[argKey]
    // Falsy values (undefined, null, '', 0) are left out of the request.
    if (supplied) {
      params[requestKey] = supplied
    }
  }
  return this.api.request('/authorization/action/setBasicAuthorizationDetectionMethod/', params)
}

module.exports = Authorization
--------------------------------------------------------------------------------
/src/sessionManagement.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
*/
function SessionManagement (clientApi) {
  // Shared API client; every endpoint wrapper below delegates to it.
  this.api = clientApi
}

/**
 * Gets the name of the session management methods.
 * @returns {*} the value returned by `this.api.request`
 **/
SessionManagement.prototype.getSupportedSessionManagementMethods = function () {
  const endpoint = '/sessionManagement/view/getSupportedSessionManagementMethods/'
  return this.api.request(endpoint)
}

/**
 * Gets the configuration parameters for the session management method with the given name.
 * @param {Object} args
 * @param {string} args.methodname - forwarded to ZAP as `methodName`
 * @returns {*} the value returned by `this.api.request`
 **/
SessionManagement.prototype.getSessionManagementMethodConfigParams = function (args) {
  const { methodname: methodName } = args
  return this.api.request('/sessionManagement/view/getSessionManagementMethodConfigParams/', { methodName })
}

/**
 * Gets the name of the session management method for the context with the given ID.
 * @param {Object} args
 * @param {string} args.contextid - forwarded to ZAP as `contextId`
 * @returns {*} the value returned by `this.api.request`
 **/
SessionManagement.prototype.getSessionManagementMethod = function (args) {
  const { contextid: contextId } = args
  return this.api.request('/sessionManagement/view/getSessionManagementMethod/', { contextId })
}

/**
 * Sets the session management method for the context with the given ID.
 * @param {Object} args
 * @param {string} args.contextid - forwarded to ZAP as `contextId`
 * @param {string} args.methodname - forwarded to ZAP as `methodName`
 * @param {string} [args.methodconfigparams] - forwarded as `methodConfigParams`, only when truthy
 * @returns {*} the value returned by `this.api.request`
 **/
SessionManagement.prototype.setSessionManagementMethod = function (args) {
  const {
    contextid: contextId,
    methodname: methodName,
    methodconfigparams: methodConfigParams
  } = args
  const params = { contextId, methodName }
  if (methodConfigParams) {
    params.methodConfigParams = methodConfigParams
  }
  return this.api.request('/sessionManagement/action/setSessionManagementMethod/', params)
}

module.exports = SessionManagement
--------------------------------------------------------------------------------
/src/acsrf.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Acsrf (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Lists the names of all anti-CSRF tokens 31 | **/ 32 | Acsrf.prototype.optionTokensNames = function () { 33 | return this.api.request('/acsrf/view/optionTokensNames/') 34 | } 35 | 36 | /** 37 | * Define if ZAP should detect CSRF tokens by searching for partial matches 38 | **/ 39 | Acsrf.prototype.optionPartialMatchingEnabled = function () { 40 | return this.api.request('/acsrf/view/optionPartialMatchingEnabled/') 41 | } 42 | 43 | /** 44 | * Adds an anti-CSRF token with the given name, enabled by default 45 | * @param {string} string 46 | **/ 47 | Acsrf.prototype.addOptionToken = function (args) { 48 | return this.api.request('/acsrf/action/addOptionToken/', { String: args.string }) 49 | } 50 | 51 | /** 52 | * Removes the anti-CSRF token with the given name 53 | * @param {string} string 54 | **/ 55 | Acsrf.prototype.removeOptionToken = function (args) { 56 | return this.api.request('/acsrf/action/removeOptionToken/', { String: args.string }) 57 | } 58 | 59 | /** 60 | * Define if ZAP should detect CSRF tokens by searching for partial matches. 
61 | * @param {string} bool 62 | **/ 63 | Acsrf.prototype.setOptionPartialMatchingEnabled = function (args) { 64 | return this.api.request('/acsrf/action/setOptionPartialMatchingEnabled/', { Boolean: args.bool }) 65 | } 66 | 67 | /** 68 | * Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP 69 | * @param {string} hrefid - Define which request will be used 70 | * @param {string} actionurl - Define the action URL to be used in the generated form 71 | **/ 72 | Acsrf.prototype.genForm = function (args) { 73 | const params = { hrefId: args.hrefid } 74 | if (args.actionurl && args.actionurl !== null) { 75 | params.actionUrl = args.actionurl 76 | } 77 | return this.api.request('/acsrf/other/genForm/', params, 'other') 78 | } 79 | 80 | module.exports = Acsrf 81 | -------------------------------------------------------------------------------- /src/pnh.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 
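/**
 * Thin wrapper around the '/pnh/' endpoints of the ZAP API.
 * Each method only builds the endpoint path and parameters and hands them
 * to the `request` method of the client passed to the constructor.
 * @param {object} clientApi - Client object; its `request` method performs the call.
 */
function Pnh (clientApi) {
  this.api = clientApi
}

/**
 * Requests one of the '/pnh/other/...' endpoints.
 *
 * The generated code called `request(path, 'other')`, which puts the format
 * marker in the parameters position. The marker is passed third here, after
 * an empty parameter object.
 * NOTE(review): the (path, params, format) order is taken from how the rest of
 * this client calls '/other/' endpoints - confirm against the client's
 * `request` implementation. This file is marked as generated, so the same
 * correction presumably belongs in the generator.
 * @param {object} api - Client object exposing `request`.
 * @param {string} path - Endpoint path.
 * @returns {*} Whatever `api.request` returns.
 */
function requestPnhOther (api, path) {
  return api.request(path, {}, 'other')
}

/**
 * Calls '/pnh/action/monitor/'.
 * This component is optional and therefore the API will only work if it is installed
 * @param {object} args
 * @param {*} args.id - Forwarded unchanged as `id`.
 * @param {*} args.message - Forwarded unchanged as `message`.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.monitor = function (args) {
  return this.api.request('/pnh/action/monitor/', { id: args.id, message: args.message })
}

/**
 * Calls '/pnh/action/oracle/'.
 * This component is optional and therefore the API will only work if it is installed
 * @param {object} args
 * @param {*} args.id - Forwarded unchanged as `id`.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.oracle = function (args) {
  return this.api.request('/pnh/action/oracle/', { id: args.id })
}

/**
 * Calls '/pnh/action/startMonitoring/'.
 * This component is optional and therefore the API will only work if it is installed
 * @param {object} args
 * @param {*} args.url - Forwarded unchanged as `url`; validate it first if it comes from untrusted input.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.startMonitoring = function (args) {
  return this.api.request('/pnh/action/startMonitoring/', { url: args.url })
}

/**
 * Calls '/pnh/action/stopMonitoring/'.
 * This component is optional and therefore the API will only work if it is installed
 * @param {object} args
 * @param {*} args.id - Forwarded unchanged as `id`.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.stopMonitoring = function (args) {
  return this.api.request('/pnh/action/stopMonitoring/', { id: args.id })
}

/**
 * Calls '/pnh/other/pnh/'.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.pnh = function () {
  return requestPnhOther(this.api, '/pnh/other/pnh/')
}

/**
 * Calls '/pnh/other/manifest/'.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.manifest = function () {
  return requestPnhOther(this.api, '/pnh/other/manifest/')
}

/**
 * Calls '/pnh/other/service/'.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.service = function () {
  return requestPnhOther(this.api, '/pnh/other/service/')
}

/**
 * Calls '/pnh/other/fx_pnh.xpi/'.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
Pnh.prototype.fx_pnhxpi = function () {
  return requestPnhOther(this.api, '/pnh/other/fx_pnh.xpi/')
}

module.exports = Pnh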
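// --------------------------------------------------------------------------------
// /src/openapi.js:
// --------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */

/**
 * Thin wrapper around the '/openapi/' endpoints of the ZAP API.
 * @param {object} clientApi - Client object; its `request` method performs the call.
 */
function Openapi (clientApi) {
  this.api = clientApi
}

/**
 * Copies the optional arguments that the caller actually supplied onto `params`.
 *
 * The generated code tested each optional argument for truthiness, so a
 * supplied `0` or `false` was dropped without notice and the request went out
 * as if the option had never been given. Here only `undefined`, `null` and
 * the empty string count as "not supplied"; every value the old check
 * forwarded is still forwarded.
 * NOTE(review): this file is marked as generated, so the same change
 * presumably belongs in the generator.
 * @param {object} params - Request parameters being built; mutated in place.
 * @param {object} args - Arguments object received from the caller.
 * @param {Object<string, string>} names - Maps the argument name to the API parameter name.
 * @returns {object} The same `params` object.
 */
function copySuppliedOptions (params, args, names) {
  for (const [argName, apiName] of Object.entries(names)) {
    const value = args[argName]
    if (value !== undefined && value !== null && value !== '') {
      params[apiName] = value
    }
  }
  return params
}

/**
 * Imports an OpenAPI definition from a local file.
 * This component is optional and therefore the API will only work if it is installed
 *
 * All values are forwarded unchanged; a caller that takes `file` or `target`
 * from untrusted input should validate them before calling.
 * NOTE(review): the path is presumably resolved by the ZAP instance rather
 * than by this client - confirm.
 * @param {object} args
 * @param {string} args.file - The file that contains the OpenAPI definition.
 * @param {string} [args.target] - The Target URL to override the server URL present in the definition.
 * @param {string} [args.contextid] - The ID of the context. Defaults to the first context, if any.
 * @param {string} [args.userid] - The ID of the user.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Openapi.prototype.importFile = function (args) {
  const params = copySuppliedOptions({ file: args.file }, args, {
    target: 'target',
    contextid: 'contextId',
    userid: 'userId'
  })
  return this.api.request('/openapi/action/importFile/', params)
}

/**
 * Imports an OpenAPI definition from a URL.
 * This component is optional and therefore the API will only work if it is installed
 *
 * All values are forwarded unchanged; a caller that takes `url` or
 * `hostoverride` from untrusted input should validate them before calling.
 * @param {object} args
 * @param {string} args.url - The URL locating the OpenAPI definition.
 * @param {string} [args.hostoverride] - The Target URL (called hostOverride for historical reasons) to override the server URL present in the definition.
 * @param {string} [args.contextid] - The ID of the context. Defaults to the first context, if any.
 * @param {string} [args.userid] - The ID of the user.
 * @returns {*} Whatever `this.api.request` returns.
 **/
Openapi.prototype.importUrl = function (args) {
  const params = copySuppliedOptions({ url: args.url }, args, {
    hostoverride: 'hostOverride',
    contextid: 'contextId',
    userid: 'userId'
  })
  return this.api.request('/openapi/action/importUrl/', params)
}

module.exports = Openapi

// --------------------------------------------------------------------------------
// /README.md:
// --------------------------------------------------------------------------------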
2 |
3 | 4 | zap-api-nodejs logo 5 | 6 |
7 |
8 |

ZAP Node API

9 |

10 | 11 | 12 | License 13 | 14 | 15 | Known Vulnerabilities 16 | 17 | 18 |

19 |
20 | 21 | The NodeJS implementation to access the [ZAP API](https://www.zaproxy.org/docs/api/). For more information 22 | about ZAP consult the (main) [ZAP project](https://github.com/zaproxy/zaproxy/). 23 | 24 | ## Install 25 | 26 | ``` 27 | npm install zaproxy 28 | ``` 29 | 30 | ## Usage 31 | 32 | By default ZAP [requires an API key](https://www.zaproxy.org/faq/why-is-an-api-key-required-by-default/) to be sent with every request. This is done automatically, provided that the API key you supply when you instantiate the `ZapClient` is the same one ZAP is running with. All following API requests will use this same API key. The key in the example below is a sample value; load your own from configuration or an environment variable rather than hard-coding it in source. 33 | You can disable the API key when running ZAP if you are on a trusted network and understand the risks. If you choose to do so, you may omit the `apiKey` property of the `zapOptions` object supplied to `ZapClient`. 34 | 35 | ### Instantiate the Node API: 36 | 37 | ```js 38 | const ZapClient = require('zaproxy'); 39 | 40 | const zapOptions = { 41 | apiKey: 'eahhr6h6kal92j21gkcnhkp80t', 42 | proxy: { 43 | host: '127.0.0.1', 44 | port: 8080, 45 | }, 46 | }; 47 | 48 | const zaproxy = new ZapClient(zapOptions); 49 | 50 | ``` 51 | 52 | ### Use the Node API: 53 | 54 | ```js 55 | let params = { 56 | contextid: contextid, 57 | userid: userid, 58 | url: sutbaseurl, 59 | maxchildren: maxchildren, 60 | recurse: recurse, 61 | subtreeonly: subtreeonly, 62 | }; 63 | let response = await zaproxy.spider.scanAsUser(params); 64 | console.log(response); 65 | ``` 66 | 67 | ### Encountering Errors 68 | 69 | When an error occurs, such as an attempt to retrieve a non-existent context, a rejected promise is returned. The rejection will contain an `ApiClientError` object, which encapsulates the specific details of the original error. This `ApiClientError` object offers valuable information regarding the failed request, and the original error can be accessed through the `cause` property.
The response details, if any, are available through the `response` property, containing the `status` and `data` (body). 70 | 71 | ## API 72 | 73 | For a full API list, see [https://www.zaproxy.org/docs/api/](https://www.zaproxy.org/docs/api/). 74 | 75 | 76 | ## Getting Help 77 | 78 | For help using the ZAP API refer to: 79 | 80 | * [API Documentation](https://www.zaproxy.org/docs/api/); 81 | * [ZAP User Group](https://groups.google.com/group/zaproxy-users) - for asking questions; 82 | 83 | ## Issues 84 | 85 | To report issues related to the ZAP Node API, bugs and enhancements requests, use the [issue tracker of this project](https://github.com/zaproxy/zap-api-nodejs/issues). 86 | -------------------------------------------------------------------------------- /src/accessControl.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function AccessControl (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Gets the Access Control scan progress (percentage integer) for the given context ID. 
31 | * This component is optional and therefore the API will only work if it is installed 32 | * @param {string} contextid 33 | **/ 34 | AccessControl.prototype.getScanProgress = function (args) { 35 | return this.api.request('/accessControl/view/getScanProgress/', { contextId: args.contextid }) 36 | } 37 | 38 | /** 39 | * Gets the Access Control scan status (description string) for the given context ID. 40 | * This component is optional and therefore the API will only work if it is installed 41 | * @param {string} contextid 42 | **/ 43 | AccessControl.prototype.getScanStatus = function (args) { 44 | return this.api.request('/accessControl/view/getScanStatus/', { contextId: args.contextid }) 45 | } 46 | 47 | /** 48 | * Starts an Access Control scan with the given context ID and user ID. (Optional parameters: user ID for Unauthenticated user, boolean identifying whether or not Alerts are raised, and the Risk level for the Alerts.) [This assumes the Access Control rules were previously established via ZAP gui and the necessary Context exported/imported.] 
49 | * This component is optional and therefore the API will only work if it is installed 50 | * @param {string} contextid 51 | * @param {string} userid 52 | * @param {string} scanasunauthuser 53 | * @param {string} raisealert 54 | * @param {string} alertrisklevel 55 | **/ 56 | AccessControl.prototype.scan = function (args) { 57 | const params = { contextId: args.contextid, userId: args.userid } 58 | if (args.scanasunauthuser && args.scanasunauthuser !== null) { 59 | params.scanAsUnAuthUser = args.scanasunauthuser 60 | } 61 | if (args.raisealert && args.raisealert !== null) { 62 | params.raiseAlert = args.raisealert 63 | } 64 | if (args.alertrisklevel && args.alertrisklevel !== null) { 65 | params.alertRiskLevel = args.alertrisklevel 66 | } 67 | return this.api.request('/accessControl/action/scan/', params) 68 | } 69 | 70 | /** 71 | * Generates an Access Control report for the given context ID and saves it based on the provided filename (path). 72 | * This component is optional and therefore the API will only work if it is installed 73 | * @param {string} contextid 74 | * @param {string} filename 75 | **/ 76 | AccessControl.prototype.writeHTMLreport = function (args) { 77 | return this.api.request('/accessControl/action/writeHTMLreport/', { contextId: args.contextid, fileName: args.filename }) 78 | } 79 | 80 | module.exports = AccessControl 81 | -------------------------------------------------------------------------------- /src/clientSpider.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2025 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 
9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function ClientSpider (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Gets the status of a client spider scan. 31 | * This component is optional and therefore the API will only work if it is installed 32 | * @param {string} scanid - The ID of the client spider scan. 33 | **/ 34 | ClientSpider.prototype.status = function (args) { 35 | return this.api.request('/clientSpider/view/status/', { scanId: args.scanid }) 36 | } 37 | 38 | /** 39 | * Starts a client spider scan. 40 | * This component is optional and therefore the API will only work if it is installed 41 | * @param {string} browser - The ID of the browser. See Selenium documentation for valid IDs. 42 | * @param {string} url - The URL from where to start the spider. 43 | * @param {string} contextname - The name of the context. 44 | * @param {string} username - The name of the user. 45 | * @param {string} subtreeonly - true to spider only under the subtree, false otherwise. 46 | * @param {string} maxcrawldepth - Maximum Crawl Depth (0 is unlimited). 47 | * @param {string} pageloadtime - Page Load Time (seconds). 48 | * @param {string} numberofbrowsers - Number of Browser Windows to Open (concurrency). 49 | * @param {string} scopecheck - Scope Check (FLEXIBLE or STRICT). 
50 | **/ 51 | ClientSpider.prototype.scan = function (args) { 52 | const params = { } 53 | if (args.browser && args.browser !== null) { 54 | params.browser = args.browser 55 | } 56 | if (args.url && args.url !== null) { 57 | params.url = args.url 58 | } 59 | if (args.contextname && args.contextname !== null) { 60 | params.contextName = args.contextname 61 | } 62 | if (args.username && args.username !== null) { 63 | params.userName = args.username 64 | } 65 | if (args.subtreeonly && args.subtreeonly !== null) { 66 | params.subtreeOnly = args.subtreeonly 67 | } 68 | if (args.maxcrawldepth && args.maxcrawldepth !== null) { 69 | params.maxCrawlDepth = args.maxcrawldepth 70 | } 71 | if (args.pageloadtime && args.pageloadtime !== null) { 72 | params.pageLoadTime = args.pageloadtime 73 | } 74 | if (args.numberofbrowsers && args.numberofbrowsers !== null) { 75 | params.numberOfBrowsers = args.numberofbrowsers 76 | } 77 | if (args.scopecheck && args.scopecheck !== null) { 78 | params.scopeCheck = args.scopecheck 79 | } 80 | return this.api.request('/clientSpider/action/scan/', params) 81 | } 82 | 83 | /** 84 | * Stops a client spider scan. 85 | * This component is optional and therefore the API will only work if it is installed 86 | * @param {string} scanid - The ID of the client spider scan. 87 | **/ 88 | ClientSpider.prototype.stop = function (args) { 89 | return this.api.request('/clientSpider/action/stop/', { scanId: args.scanid }) 90 | } 91 | 92 | module.exports = ClientSpider 93 | -------------------------------------------------------------------------------- /src/replacer.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 
4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Replacer (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Returns full details of all of the rules 31 | * This component is optional and therefore the API will only work if it is installed 32 | **/ 33 | Replacer.prototype.rules = function () { 34 | return this.api.request('/replacer/view/rules/') 35 | } 36 | 37 | /** 38 | * Adds a replacer rule. 
For the parameters: desc is a user friendly description, enabled is true or false, matchType is one of [REQ_HEADER, REQ_HEADER_STR, REQ_BODY_STR, RESP_HEADER, RESP_HEADER_STR, RESP_BODY_STR], matchRegex should be true if the matchString should be treated as a regex otherwise false, matchString is the string that will be matched against, replacement is the replacement string, initiators may be blank (for all initiators) or a comma separated list of integers as defined in Request Initiator Constants 39 | * This component is optional and therefore the API will only work if it is installed 40 | * @param {string} description 41 | * @param {string} enabled 42 | * @param {string} matchtype 43 | * @param {string} matchregex 44 | * @param {string} matchstring 45 | * @param {string} replacement 46 | * @param {string} initiators 47 | * @param {string} url - A regular expression to match the URL of the message, if empty the rule applies to all messages. 48 | **/ 49 | Replacer.prototype.addRule = function (args) { 50 | const params = { description: args.description, enabled: args.enabled, matchType: args.matchtype, matchRegex: args.matchregex, matchString: args.matchstring } 51 | if (args.replacement && args.replacement !== null) { 52 | params.replacement = args.replacement 53 | } 54 | if (args.initiators && args.initiators !== null) { 55 | params.initiators = args.initiators 56 | } 57 | if (args.url && args.url !== null) { 58 | params.url = args.url 59 | } 60 | return this.api.request('/replacer/action/addRule/', params) 61 | } 62 | 63 | /** 64 | * Removes the rule with the given description 65 | * This component is optional and therefore the API will only work if it is installed 66 | * @param {string} description 67 | **/ 68 | Replacer.prototype.removeRule = function (args) { 69 | return this.api.request('/replacer/action/removeRule/', { description: args.description }) 70 | } 71 | 72 | /** 73 | * Enables or disables the rule with the given description based on the bool 
parameter 74 | * This component is optional and therefore the API will only work if it is installed 75 | * @param {string} description 76 | * @param {string} bool 77 | **/ 78 | Replacer.prototype.setEnabled = function (args) { 79 | return this.api.request('/replacer/action/setEnabled/', { description: args.description, bool: args.bool }) 80 | } 81 | 82 | module.exports = Replacer 83 | -------------------------------------------------------------------------------- /src/authentication.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Authentication (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Gets the name of the authentication methods. 31 | **/ 32 | Authentication.prototype.getSupportedAuthenticationMethods = function () { 33 | return this.api.request('/authentication/view/getSupportedAuthenticationMethods/') 34 | } 35 | 36 | /** 37 | * Gets the configuration parameters for the authentication method with the given name. 
38 | * @param {string} authmethodname 39 | **/ 40 | Authentication.prototype.getAuthenticationMethodConfigParams = function (args) { 41 | return this.api.request('/authentication/view/getAuthenticationMethodConfigParams/', { authMethodName: args.authmethodname }) 42 | } 43 | 44 | /** 45 | * Gets the name of the authentication method for the context with the given ID. 46 | * @param {string} contextid 47 | **/ 48 | Authentication.prototype.getAuthenticationMethod = function (args) { 49 | return this.api.request('/authentication/view/getAuthenticationMethod/', { contextId: args.contextid }) 50 | } 51 | 52 | /** 53 | * Gets the logged in indicator for the context with the given ID. 54 | * @param {string} contextid 55 | **/ 56 | Authentication.prototype.getLoggedInIndicator = function (args) { 57 | return this.api.request('/authentication/view/getLoggedInIndicator/', { contextId: args.contextid }) 58 | } 59 | 60 | /** 61 | * Gets the logged out indicator for the context with the given ID. 62 | * @param {string} contextid 63 | **/ 64 | Authentication.prototype.getLoggedOutIndicator = function (args) { 65 | return this.api.request('/authentication/view/getLoggedOutIndicator/', { contextId: args.contextid }) 66 | } 67 | 68 | /** 69 | * Sets the authentication method for the context with the given ID. 70 | * @param {string} contextid 71 | * @param {string} authmethodname 72 | * @param {string} authmethodconfigparams 73 | **/ 74 | Authentication.prototype.setAuthenticationMethod = function (args) { 75 | const params = { contextId: args.contextid, authMethodName: args.authmethodname } 76 | if (args.authmethodconfigparams && args.authmethodconfigparams !== null) { 77 | params.authMethodConfigParams = args.authmethodconfigparams 78 | } 79 | return this.api.request('/authentication/action/setAuthenticationMethod/', params) 80 | } 81 | 82 | /** 83 | * Sets the logged in indicator for the context with the given ID. 
84 | * @param {string} contextid 85 | * @param {string} loggedinindicatorregex 86 | **/ 87 | Authentication.prototype.setLoggedInIndicator = function (args) { 88 | return this.api.request('/authentication/action/setLoggedInIndicator/', { contextId: args.contextid, loggedInIndicatorRegex: args.loggedinindicatorregex }) 89 | } 90 | 91 | /** 92 | * Sets the logged out indicator for the context with the given ID. 93 | * @param {string} contextid 94 | * @param {string} loggedoutindicatorregex 95 | **/ 96 | Authentication.prototype.setLoggedOutIndicator = function (args) { 97 | return this.api.request('/authentication/action/setLoggedOutIndicator/', { contextId: args.contextid, loggedOutIndicatorRegex: args.loggedoutindicatorregex }) 98 | } 99 | 100 | module.exports = Authentication 101 | -------------------------------------------------------------------------------- /src/websocket.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 
24 | */ 25 | function Websocket (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Returns all of the registered web socket channels 31 | * This component is optional and therefore the API will only work if it is installed 32 | **/ 33 | Websocket.prototype.channels = function () { 34 | return this.api.request('/websocket/view/channels/') 35 | } 36 | 37 | /** 38 | * Returns full details of the message specified by the channelId and messageId 39 | * This component is optional and therefore the API will only work if it is installed 40 | * @param {string} channelid 41 | * @param {string} messageid 42 | **/ 43 | Websocket.prototype.message = function (args) { 44 | return this.api.request('/websocket/view/message/', { channelId: args.channelid, messageId: args.messageid }) 45 | } 46 | 47 | /** 48 | * Returns a list of all of the messages that meet the given criteria (all optional), where channelId is a channel identifier, start is the offset to start returning messages from (starting from 0), count is the number of messages to return (default no limit) and payloadPreviewLength is the maximum number bytes to return for the payload contents 49 | * This component is optional and therefore the API will only work if it is installed 50 | * @param {string} channelid 51 | * @param {string} start 52 | * @param {string} count 53 | * @param {string} payloadpreviewlength 54 | **/ 55 | Websocket.prototype.messages = function (args) { 56 | const params = { } 57 | if (args.channelid && args.channelid !== null) { 58 | params.channelId = args.channelid 59 | } 60 | if (args.start && args.start !== null) { 61 | params.start = args.start 62 | } 63 | if (args.count && args.count !== null) { 64 | params.count = args.count 65 | } 66 | if (args.payloadpreviewlength && args.payloadpreviewlength !== null) { 67 | params.payloadPreviewLength = args.payloadpreviewlength 68 | } 69 | return this.api.request('/websocket/view/messages/', params) 70 | } 71 | 72 | /** 73 | * Returns a 
text representation of an intercepted websockets message 74 | * This component is optional and therefore the API will only work if it is installed 75 | **/ 76 | Websocket.prototype.breakTextMessage = function () { 77 | return this.api.request('/websocket/view/breakTextMessage/') 78 | } 79 | 80 | /** 81 | * Sends the specified message on the channel specified by channelId, if outgoing is 'True' then the message will be sent to the server and if it is 'False' then it will be sent to the client 82 | * This component is optional and therefore the API will only work if it is installed 83 | * @param {string} channelid 84 | * @param {string} outgoing 85 | * @param {string} message 86 | **/ 87 | Websocket.prototype.sendTextMessage = function (args) { 88 | return this.api.request('/websocket/action/sendTextMessage/', { channelId: args.channelid, outgoing: args.outgoing, message: args.message }) 89 | } 90 | 91 | /** 92 | * Sets the text message for an intercepted websockets message 93 | * This component is optional and therefore the API will only work if it is installed 94 | * @param {string} message 95 | * @param {string} outgoing 96 | **/ 97 | Websocket.prototype.setBreakTextMessage = function (args) { 98 | return this.api.request('/websocket/action/setBreakTextMessage/', { message: args.message, outgoing: args.outgoing }) 99 | } 100 | 101 | module.exports = Websocket 102 | -------------------------------------------------------------------------------- /src/reports.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 
9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Reports (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * View available templates. 31 | * This component is optional and therefore the API will only work if it is installed 32 | **/ 33 | Reports.prototype.templates = function () { 34 | return this.api.request('/reports/view/templates/') 35 | } 36 | 37 | /** 38 | * View details of the specified template. 39 | * This component is optional and therefore the API will only work if it is installed 40 | * @param {string} template - Template Label 41 | **/ 42 | Reports.prototype.templateDetails = function (args) { 43 | return this.api.request('/reports/view/templateDetails/', { template: args.template }) 44 | } 45 | 46 | /** 47 | * Generate a report with the supplied parameters. 48 | * This component is optional and therefore the API will only work if it is installed 49 | * @param {string} title - Report Title 50 | * @param {string} template - Report Template 51 | * @param {string} theme - Report Theme 52 | * @param {string} description - Report Description 53 | * @param {string} contexts - The name of the contexts to be included in the report, separated by '|'. 54 | * @param {string} sites - The site URLs that should be included in the report, separated by '|'. 55 | * @param {string} sections - The report sections that should be included, separated by '|'. 
56 | * @param {string} includedconfidences - Confidences that should be included in the report, separated by '|'. Accepted values are "False Positive", "Low", "Medium", "High", and "Confirmed". 57 | * @param {string} includedrisks - Risks that should be included in the report, separated by '|'. Accepted values are "Informational", "Low", "Medium", and "High". 58 | * @param {string} reportfilename - The file name of the generated report. This value overrides the reportFileNamePattern parameter. 59 | * @param {string} reportfilenamepattern - Report File Name Pattern. 60 | * @param {string} reportdir - Path to directory in which the generated report should be placed. 61 | * @param {string} display - Display the generated report. Either "true" or "false". 62 | **/ 63 | Reports.prototype.generate = function (args) { 64 | const params = { title: args.title, template: args.template } 65 | if (args.theme && args.theme !== null) { 66 | params.theme = args.theme 67 | } 68 | if (args.description && args.description !== null) { 69 | params.description = args.description 70 | } 71 | if (args.contexts && args.contexts !== null) { 72 | params.contexts = args.contexts 73 | } 74 | if (args.sites && args.sites !== null) { 75 | params.sites = args.sites 76 | } 77 | if (args.sections && args.sections !== null) { 78 | params.sections = args.sections 79 | } 80 | if (args.includedconfidences && args.includedconfidences !== null) { 81 | params.includedConfidences = args.includedconfidences 82 | } 83 | if (args.includedrisks && args.includedrisks !== null) { 84 | params.includedRisks = args.includedrisks 85 | } 86 | if (args.reportfilename && args.reportfilename !== null) { 87 | params.reportFileName = args.reportfilename 88 | } 89 | if (args.reportfilenamepattern && args.reportfilenamepattern !== null) { 90 | params.reportFileNamePattern = args.reportfilenamepattern 91 | } 92 | if (args.reportdir && args.reportdir !== null) { 93 | params.reportDir = args.reportdir 94 | } 95 | if 
(args.display && args.display !== null) { 96 | params.display = args.display 97 | } 98 | return this.api.request('/reports/action/generate/', params) 99 | } 100 | 101 | module.exports = Reports 102 | -------------------------------------------------------------------------------- /src/brk.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 
24 | */ 25 | function Break (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Returns True if ZAP will break on both requests and responses 31 | **/ 32 | Break.prototype.isBreakAll = function () { 33 | return this.api.request('/break/view/isBreakAll/') 34 | } 35 | 36 | /** 37 | * Returns True if ZAP will break on requests 38 | **/ 39 | Break.prototype.isBreakRequest = function () { 40 | return this.api.request('/break/view/isBreakRequest/') 41 | } 42 | 43 | /** 44 | * Returns True if ZAP will break on responses 45 | **/ 46 | Break.prototype.isBreakResponse = function () { 47 | return this.api.request('/break/view/isBreakResponse/') 48 | } 49 | 50 | /** 51 | * Returns the HTTP message currently intercepted (if any) 52 | **/ 53 | Break.prototype.httpMessage = function () { 54 | return this.api.request('/break/view/httpMessage/') 55 | } 56 | 57 | /** 58 | * Controls the global break functionality. The type may be one of: http-all, http-request or http-response. The state may be true (for turning break on for the specified type) or false (for turning break off). Scope is not currently used. 
59 | * @param {string} type 60 | * @param {string} state 61 | * @param {string} scope 62 | **/ 63 | Break.prototype.brk = function (args) { 64 | const params = { type: args.type, state: args.state } 65 | if (args.scope && args.scope !== null) { 66 | params.scope = args.scope 67 | } 68 | return this.api.request('/break/action/break/', params) 69 | } 70 | 71 | /** 72 | * Overwrites the currently intercepted message with the data provided 73 | * @param {string} httpheader 74 | * @param {string} httpbody 75 | **/ 76 | Break.prototype.setHttpMessage = function (args) { 77 | const params = { httpHeader: args.httpheader } 78 | if (args.httpbody && args.httpbody !== null) { 79 | params.httpBody = args.httpbody 80 | } 81 | return this.api.request('/break/action/setHttpMessage/', params) 82 | } 83 | 84 | /** 85 | * Submits the currently intercepted message and unsets the global request/response breakpoints 86 | **/ 87 | Break.prototype.cont = function () { 88 | return this.api.request('/break/action/continue/') 89 | } 90 | 91 | /** 92 | * Submits the currently intercepted message, the next request or response will automatically be intercepted 93 | **/ 94 | Break.prototype.step = function () { 95 | return this.api.request('/break/action/step/') 96 | } 97 | 98 | /** 99 | * Drops the currently intercepted message 100 | **/ 101 | Break.prototype.drop = function () { 102 | return this.api.request('/break/action/drop/') 103 | } 104 | 105 | /** 106 | * Adds a custom HTTP breakpoint. The string is the string to match. Location may be one of: url, request_header, request_body, response_header or response_body. Match may be: contains or regex. Inverse (match) may be true or false. Lastly, ignorecase (when matching the string) may be true or false. 
107 | * @param {string} string 108 | * @param {string} location 109 | * @param {string} match 110 | * @param {string} inverse 111 | * @param {string} ignorecase 112 | **/ 113 | Break.prototype.addHttpBreakpoint = function (args) { 114 | return this.api.request('/break/action/addHttpBreakpoint/', { string: args.string, location: args.location, match: args.match, inverse: args.inverse, ignorecase: args.ignorecase }) 115 | } 116 | 117 | /** 118 | * Removes the specified breakpoint 119 | * @param {string} string 120 | * @param {string} location 121 | * @param {string} match 122 | * @param {string} inverse 123 | * @param {string} ignorecase 124 | **/ 125 | Break.prototype.removeHttpBreakpoint = function (args) { 126 | return this.api.request('/break/action/removeHttpBreakpoint/', { string: args.string, location: args.location, match: args.match, inverse: args.inverse, ignorecase: args.ignorecase }) 127 | } 128 | 129 | module.exports = Break 130 | -------------------------------------------------------------------------------- /src/stats.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 
18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Stats (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Statistics. Requests the /stats/view/stats/ view through this.api.request and returns its result; args must be an object. 31 | * @param {string} keyprefix - optional; copied to keyPrefix only when truthy 32 | **/ 33 | Stats.prototype.stats = function (args) { 34 | const params = { } 35 | if (args.keyprefix && args.keyprefix !== null) { 36 | params.keyPrefix = args.keyprefix 37 | } 38 | return this.api.request('/stats/view/stats/', params) 39 | } 40 | 41 | /** 42 | * Gets all of the site based statistics, optionally filtered by a key prefix 43 | * @param {string} keyprefix - optional; copied to keyPrefix only when truthy 44 | **/ 45 | Stats.prototype.allSitesStats = function (args) { 46 | const params = { } 47 | if (args.keyprefix && args.keyprefix !== null) { 48 | params.keyPrefix = args.keyprefix 49 | } 50 | return this.api.request('/stats/view/allSitesStats/', params) 51 | } 52 | 53 | /** 54 | * Gets all of the global statistics, optionally filtered by a key prefix. NOTE(review): the wording says "global", yet this call targets /stats/view/siteStats/ and always passes a site, so the description may have been swapped with stats() by the generator; confirm against the ZAP API documentation. 55 | * @param {string} site - always placed in the request parameters 56 | * @param {string} keyprefix - optional; copied to keyPrefix only when truthy 57 | **/ 58 | Stats.prototype.siteStats = function (args) { 59 | const params = { site: args.site } 60 | if (args.keyprefix && args.keyprefix !== null) { 61 | params.keyPrefix = args.keyprefix 62 | } 63 | return this.api.request('/stats/view/siteStats/', params) 64 | } 65 | 66 | /** 67 | * Gets the Statsd service hostname 68 | **/ 69 | Stats.prototype.optionStatsdHost = function () { 70 | return this.api.request('/stats/view/optionStatsdHost/') 71 | } 72 | 73 | /** 74 | * Gets the Statsd service port 75 | **/ 76 | Stats.prototype.optionStatsdPort = function () { 77 | return this.api.request('/stats/view/optionStatsdPort/') 78 | } 79 | 80 | /** 81 | * Gets the prefix to be applied to all stats sent to the configured Statsd service 82 | **/ 83 | Stats.prototype.optionStatsdPrefix = function () { 84 | return this.api.request('/stats/view/optionStatsdPrefix/') 85 | } 86 | 87 | /** 88 | * Returns 'true' if in memory statistics are enabled, otherwise returns 'false' 89
| **/ 90 | Stats.prototype.optionInMemoryEnabled = function () { 91 | return this.api.request('/stats/view/optionInMemoryEnabled/') 92 | } 93 | 94 | /** 95 | * Returns 'true' if a Statsd server has been correctly configured, otherwise returns 'false' 96 | **/ 97 | Stats.prototype.optionStatsdEnabled = function () { 98 | return this.api.request('/stats/view/optionStatsdEnabled/') 99 | } 100 | 101 | /** 102 | * Clears all of the statistics 103 | * @param {string} keyprefix 104 | **/ 105 | Stats.prototype.clearStats = function (args) { 106 | const params = { } 107 | if (args.keyprefix && args.keyprefix !== null) { 108 | params.keyPrefix = args.keyprefix 109 | } 110 | return this.api.request('/stats/action/clearStats/', params) 111 | } 112 | 113 | /** 114 | * Sets the Statsd service hostname, supply an empty string to stop using a Statsd service 115 | * @param {string} string 116 | **/ 117 | Stats.prototype.setOptionStatsdHost = function (args) { 118 | return this.api.request('/stats/action/setOptionStatsdHost/', { String: args.string }) 119 | } 120 | 121 | /** 122 | * Sets the prefix to be applied to all stats sent to the configured Statsd service 123 | * @param {string} string 124 | **/ 125 | Stats.prototype.setOptionStatsdPrefix = function (args) { 126 | return this.api.request('/stats/action/setOptionStatsdPrefix/', { String: args.string }) 127 | } 128 | 129 | /** 130 | * Sets whether in memory statistics are enabled 131 | * @param {string} bool 132 | **/ 133 | Stats.prototype.setOptionInMemoryEnabled = function (args) { 134 | return this.api.request('/stats/action/setOptionInMemoryEnabled/', { Boolean: args.bool }) 135 | } 136 | 137 | /** 138 | * Sets the Statsd service port 139 | * @param {string} integer 140 | **/ 141 | Stats.prototype.setOptionStatsdPort = function (args) { 142 | return this.api.request('/stats/action/setOptionStatsdPort/', { Integer: args.integer }) 143 | } 144 | 145 | module.exports = Stats 146 | 
-------------------------------------------------------------------------------- /src/oast.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2025 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Oast (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Gets the service used with the active scanner, if any. 31 | * This component is optional and therefore the API will only work if it is installed 32 | **/ 33 | Oast.prototype.getActiveScanService = function () { 34 | return this.api.request('/oast/view/getActiveScanService/') 35 | } 36 | 37 | /** 38 | * Gets all of the services. 39 | * This component is optional and therefore the API will only work if it is installed 40 | **/ 41 | Oast.prototype.getServices = function () { 42 | return this.api.request('/oast/view/getServices/') 43 | } 44 | 45 | /** 46 | * Gets the BOAST options. 
47 | * This component is optional and therefore the API will only work if it is installed 48 | **/ 49 | Oast.prototype.getBoastOptions = function () { 50 | return this.api.request('/oast/view/getBoastOptions/') 51 | } 52 | 53 | /** 54 | * Gets the Callback options. 55 | * This component is optional and therefore the API will only work if it is installed 56 | **/ 57 | Oast.prototype.getCallbackOptions = function () { 58 | return this.api.request('/oast/view/getCallbackOptions/') 59 | } 60 | 61 | /** 62 | * Gets the Interactsh options. 63 | * This component is optional and therefore the API will only work if it is installed 64 | **/ 65 | Oast.prototype.getInteractshOptions = function () { 66 | return this.api.request('/oast/view/getInteractshOptions/') 67 | } 68 | 69 | /** 70 | * Gets the number of days the OAST records will be kept for. 71 | * This component is optional and therefore the API will only work if it is installed 72 | **/ 73 | Oast.prototype.getDaysToKeepRecords = function () { 74 | return this.api.request('/oast/view/getDaysToKeepRecords/') 75 | } 76 | 77 | /** 78 | * Sets the service used with the active scanner. 79 | * This component is optional and therefore the API will only work if it is installed 80 | * @param {string} name - The name of the service. 81 | **/ 82 | Oast.prototype.setActiveScanService = function (args) { 83 | return this.api.request('/oast/action/setActiveScanService/', { name: args.name }) 84 | } 85 | 86 | /** 87 | * Sets the BOAST options. 88 | * This component is optional and therefore the API will only work if it is installed 89 | * @param {string} server - The server URL. 90 | * @param {string} pollinsecs - The polling frequency. 91 | **/ 92 | Oast.prototype.setBoastOptions = function (args) { 93 | return this.api.request('/oast/action/setBoastOptions/', { server: args.server, pollInSecs: args.pollinsecs }) 94 | } 95 | 96 | /** 97 | * Sets the Callback options. 
98 | * This component is optional and therefore the API will only work if it is installed 99 | * @param {string} localaddress - The local address 100 | * @param {string} remoteaddress - The remote address. 101 | * @param {string} port - The port to listen on. 102 | **/ 103 | Oast.prototype.setCallbackOptions = function (args) { 104 | return this.api.request('/oast/action/setCallbackOptions/', { localAddress: args.localaddress, remoteAddress: args.remoteaddress, port: args.port }) 105 | } 106 | 107 | /** 108 | * Sets the Interactsh options. All three values are always placed in the request parameters, whether or not they are defined. 109 | * This component is optional and therefore the API will only work if it is installed 110 | * @param {string} server - The server URL. 111 | * @param {string} pollinsecs - The polling frequency (presumably in seconds, going by the pollInSecs parameter name). 112 | * @param {string} authtoken - The Interactsh authentication token. This is a secret: it is forwarded unchanged as the authToken request parameter, so keep the args object out of logs and error reports. How this.api.request transmits it is not visible in this file. 113 | **/ 114 | Oast.prototype.setInteractshOptions = function (args) { 115 | return this.api.request('/oast/action/setInteractshOptions/', { server: args.server, pollInSecs: args.pollinsecs, authToken: args.authtoken }) 116 | } 117 | 118 | /** 119 | * Sets the number of days the OAST records will be kept for. 120 | * This component is optional and therefore the API will only work if it is installed 121 | * @param {string} days - The number of days. 122 | **/ 123 | Oast.prototype.setDaysToKeepRecords = function (args) { 124 | return this.api.request('/oast/action/setDaysToKeepRecords/', { days: args.days }) 125 | } 126 | 127 | module.exports = Oast 128 | -------------------------------------------------------------------------------- /src/custompayloads.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security.
4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Custompayloads (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Lists all available categories. 31 | * This component is optional and therefore the API will only work if it is installed 32 | **/ 33 | Custompayloads.prototype.customPayloadsCategories = function () { 34 | return this.api.request('/custompayloads/view/customPayloadsCategories/') 35 | } 36 | 37 | /** 38 | * Lists all the payloads currently loaded (category, payload, enabled state). Optionally filtered by category. 39 | * This component is optional and therefore the API will only work if it is installed 40 | * @param {string} category - The category for which the payloads should be displayed. 41 | **/ 42 | Custompayloads.prototype.customPayloads = function (args) { 43 | const params = { } 44 | if (args.category && args.category !== null) { 45 | params.category = args.category 46 | } 47 | return this.api.request('/custompayloads/view/customPayloads/', params) 48 | } 49 | 50 | /** 51 | * Disables payloads for a given category. 52 | * This component is optional and therefore the API will only work if it is installed 53 | * @param {string} category - The category for which the payloads should be disabled (leave empty for all). 
54 | **/ 55 | Custompayloads.prototype.disableCustomPayloads = function (args) { 56 | const params = { } 57 | if (args.category && args.category !== null) { 58 | params.category = args.category 59 | } 60 | return this.api.request('/custompayloads/action/disableCustomPayloads/', params) 61 | } 62 | 63 | /** 64 | * Enables payloads for a given category. 65 | * This component is optional and therefore the API will only work if it is installed 66 | * @param {string} category - The category for which the payloads should be enabled (leave empty for all). 67 | **/ 68 | Custompayloads.prototype.enableCustomPayloads = function (args) { 69 | const params = { } 70 | if (args.category && args.category !== null) { 71 | params.category = args.category 72 | } 73 | return this.api.request('/custompayloads/action/enableCustomPayloads/', params) 74 | } 75 | 76 | /** 77 | * Removes a payload. 78 | * This component is optional and therefore the API will only work if it is installed 79 | * @param {string} category - The category of the payload being removed. 80 | * @param {string} payload - The payload being removed. 81 | **/ 82 | Custompayloads.prototype.removeCustomPayload = function (args) { 83 | const params = { category: args.category } 84 | if (args.payload && args.payload !== null) { 85 | params.payload = args.payload 86 | } 87 | return this.api.request('/custompayloads/action/removeCustomPayload/', params) 88 | } 89 | 90 | /** 91 | * Adds a new payload. 92 | * This component is optional and therefore the API will only work if it is installed 93 | * @param {string} category - The category for the new payload. 94 | * @param {string} payload - The payload to be added. 
95 | **/ 96 | Custompayloads.prototype.addCustomPayload = function (args) { 97 | const params = { category: args.category } 98 | if (args.payload && args.payload !== null) { 99 | params.payload = args.payload 100 | } 101 | return this.api.request('/custompayloads/action/addCustomPayload/', params) 102 | } 103 | 104 | /** 105 | * Enables a given payload. 106 | * This component is optional and therefore the API will only work if it is installed 107 | * @param {string} category - The category for the payload being enabled. 108 | * @param {string} payload - The payload being enabled. 109 | **/ 110 | Custompayloads.prototype.enableCustomPayload = function (args) { 111 | const params = { category: args.category } 112 | if (args.payload && args.payload !== null) { 113 | params.payload = args.payload 114 | } 115 | return this.api.request('/custompayloads/action/enableCustomPayload/', params) 116 | } 117 | 118 | /** 119 | * Disables a given payload. 120 | * This component is optional and therefore the API will only work if it is installed 121 | * @param {string} category - The category for the payload being disabled. 122 | * @param {string} payload - The payload being disabled. 123 | **/ 124 | Custompayloads.prototype.disableCustomPayload = function (args) { 125 | const params = { category: args.category } 126 | if (args.payload && args.payload !== null) { 127 | params.payload = args.payload 128 | } 129 | return this.api.request('/custompayloads/action/disableCustomPayload/', params) 130 | } 131 | 132 | module.exports = Custompayloads 133 | -------------------------------------------------------------------------------- /src/exim.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 
4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Exim (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Imports a HAR file. 31 | * This component is optional and therefore the API will only work if it is installed 32 | * @param {string} filepath - Path of the HAR file. Only this path string is forwarded (as filePath); the file contents are not read or sent by this wrapper, so the path is presumably resolved by the ZAP instance itself. No validation happens here, so check paths that originate from untrusted input before calling. 33 | **/ 34 | Exim.prototype.importHar = function (args) { 35 | return this.api.request('/exim/action/importHar/', { filePath: args.filepath }) 36 | } 37 | 38 | /** 39 | * Imports URLs (one per line) from the file with the given file system path. 40 | * This component is optional and therefore the API will only work if it is installed 41 | * @param {string} filepath - File system path, forwarded unchanged as filePath and not validated by this wrapper. 42 | **/ 43 | Exim.prototype.importUrls = function (args) { 44 | return this.api.request('/exim/action/importUrls/', { filePath: args.filepath }) 45 | } 46 | 47 | /** 48 | * Imports previously exported ZAP messages from the file with the given file system path. 49 | * This component is optional and therefore the API will only work if it is installed 50 | * @param {string} filepath - File system path, forwarded unchanged as filePath and not validated by this wrapper. 51 | **/ 52 | Exim.prototype.importZapLogs = function (args) { 53 | return this.api.request('/exim/action/importZapLogs/', { filePath: args.filepath }) 54 | } 55 | 56 | /** 57 | * Imports ModSecurity2 logs from the file with the given file system path.
58 | * This component is optional and therefore the API will only work if it is installed 59 | * @param {string} filepath 60 | **/ 61 | Exim.prototype.importModsec2Logs = function (args) { 62 | return this.api.request('/exim/action/importModsec2Logs/', { filePath: args.filepath }) 63 | } 64 | 65 | /** 66 | * Exports the Sites Tree in the Sites Tree YAML format. 67 | * This component is optional and therefore the API will only work if it is installed 68 | * @param {string} filepath - Presumably the destination file of the export; forwarded unchanged as filePath and not validated by this wrapper. Whether an existing file at that path is overwritten is not visible here. 69 | **/ 70 | Exim.prototype.exportSitesTree = function (args) { 71 | return this.api.request('/exim/action/exportSitesTree/', { filePath: args.filepath }) 72 | } 73 | 74 | /** 75 | * Prunes the Sites Tree based on a file in the Sites Tree YAML format. 76 | * This component is optional and therefore the API will only work if it is installed 77 | * @param {string} filepath - Path of the Sites Tree YAML file to prune by; forwarded unchanged as filePath and not validated by this wrapper. 78 | **/ 79 | Exim.prototype.pruneSitesTree = function (args) { 80 | return this.api.request('/exim/action/pruneSitesTree/', { filePath: args.filepath }) 81 | } 82 | 83 | /** 84 | * Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages 85 | * This component is optional and therefore the API will only work if it is installed 86 | * @param {string} baseurl - The URL below which messages should be included. 87 | * @param {string} start - The position (or offset) within the results to use as a starting position for the information returned. 88 | * @param {string} count - The number of results to return.
89 | **/ 90 | Exim.prototype.exportHar = function (args) { 91 | const params = { } 92 | if (args.baseurl && args.baseurl !== null) { 93 | params.baseurl = args.baseurl 94 | } 95 | if (args.start && args.start !== null) { 96 | params.start = args.start 97 | } 98 | if (args.count && args.count !== null) { 99 | params.count = args.count 100 | } 101 | return this.api.request('/exim/other/exportHar/', params, 'other') 102 | } 103 | 104 | /** 105 | * Gets the HTTP messages with the given IDs, in HAR format. 106 | * This component is optional and therefore the API will only work if it is installed 107 | * @param {string} ids - The ID (number(s)) of the message(s) to be returned. 108 | **/ 109 | Exim.prototype.exportHarById = function (args) { 110 | return this.api.request('/exim/other/exportHarById/', { ids: args.ids }, 'other') 111 | } 112 | 113 | /** 114 | * Sends the first HAR request entry, optionally following redirections. Returns, in HAR format, the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. 115 | * This component is optional and therefore the API will only work if it is installed 116 | * @param {string} request - The raw JSON of a HAR request. 117 | * @param {string} followredirects - True if redirects should be followed, false otherwise. 
118 | **/ 119 | Exim.prototype.sendHarRequest = function (args) { 120 | const params = { request: args.request } 121 | if (args.followredirects && args.followredirects !== null) { 122 | params.followRedirects = args.followredirects 123 | } 124 | return this.api.request('/exim/other/sendHarRequest/', params, 'other') 125 | } 126 | 127 | module.exports = Exim 128 | -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- 1 | # Changelog 2 | All notable changes to this project will be documented in this file. 3 | 4 | The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/). 5 | 6 | ## [2.0.0-rc.7] - 2025-12-15 7 | ### Added 8 | - Add the APIs of the following add-ons: 9 | - Client Side Integration version 0.20.0; 10 | - Postman Support version 0.7.0. 11 | 12 | ### Changed 13 | - Update dependencies. 14 | - Update core APIs for 2.17. 15 | - Update the APIs of the following add-ons: 16 | - Automation Framework version 0.58.0; 17 | - OpenAPI Support version 48; 18 | - Passive Scanner version 0.6.0; 19 | - Selenium version 15.43.0; 20 | - Spider version 0.18.0. 21 | 22 | ## [2.0.0-rc.6] - 2025-01-20 23 | ### Added 24 | - Add the API of the following add-on: 25 | - OAST Support 26 | 27 | ### Changed 28 | - Update core APIs for 2.16. 29 | - Update the APIs of the following add-ons: 30 | - AJAX Spider 31 | - Import/Export 32 | - OpenAPI Support 33 | - Passive Scanner 34 | - Replacer 35 | - Script Console 36 | - Selenium 37 | - Spider 38 | 39 | ## [2.0.0-rc.5] - 2024-04-10 40 | ### Changed 41 | * Update core APIs for 2.15. 42 | 43 | ## [2.0.0-rc.4] - 2023-11-24 44 | ### Added 45 | * Add the API of the following add-on: 46 | * Custom Payloads version 0.13.0. 47 | 48 | ### Changed 49 | * Allow to call the ZAP API with custom HTTP method (e.g. file upload). 50 | * Update the APIs of the following add-on: 51 | * Selenium version 15.16.0. 
52 | 53 | ### Fixed 54 | * Correct the HTTP method used by the `fileUpload` core API. 55 | 56 | ## [2.0.0-rc.3] - 2023-10-14 57 | ### Changed 58 | * Update core APIs for 2.14. 59 | 60 | ## [2.0.0-rc.2] - 2023-07-17 61 | ### Changed 62 | * Update the link to API docs in README.md 63 | * Update core APIs for 2.13. 64 | * Update the APIs of the following add-ons: 65 | * AJAX Spider version 23.15.0; 66 | * Alert Filters version 17; 67 | * GraphQL Support version 0.18.0; 68 | * Network version 0.10.0; 69 | * Selenium version 15.13.0. 70 | 71 | ### Fixed 72 | * Return errors (e.g. connection, ZAP API) with a rejected promise. 73 | 74 | ## [2.0.0-rc.1] - 2023-05-19 75 | ### Added 76 | * Add the API of the following add-ons: 77 | * Access Control version 8 78 | * Alert Filter version 15 79 | * Automation Framework version 0.22.0 80 | * Import/Export version 0.3.0 81 | * GraphQL Support version 0.12.0 82 | * Network version 0.6.0 83 | * Report Generation version 0.18.0 84 | * Retest version 0.5.0 85 | * Revisit version 4 86 | * Wappalyzer - Technology Detection version 21.18.0 87 | 88 | ### Changed 89 | * Update the API to accept a single object as the function parameter instead of individual parameters. [GitHub issue](https://github.com/zaproxy/zaproxy/issues/7608) 90 | * Update Core APIs for 2.12.0 91 | * Update the APIs of the following add-ons: 92 | * Ajax Spider version 23.10.0 93 | * OpenAPI version 31 94 | * Plug-n-Hack Configuration version 13 95 | * Replacer version 12 96 | * Reveal version 5 97 | * Selenium version 15.11.0 98 | * SOAP Support version 16 99 | * Spider version 0.2.0 100 | * WebSockets version 28 101 | 102 | ### Removed 103 | * The APIs for the add-ons Import files containing URLs and Log File Importer were removed, superseded by the Import/Export add-on.
104 | 105 | ## [1.0.1] - 2019-08-30 - lodash security fix 106 | 107 | ### Security 108 | 109 | * Regenerated the `package-lock.json` to capture the fixed version of sub dependency lodash (4.17.11 -> 4.17.14) 110 | 111 | ## [1.0.0-rc.1] - 2018-11-16 - Requiring major [semver](https://semver.org/) change 112 | 113 | ### Added 114 | 115 | * Support for promises via [request-promise-native](https://github.com/request/request-promise-native), while retaining backwards compatibility for those wishing to use callbacks 116 | * Ability to add the `apiKey` once only when instantiating the `ZapClient`. See example in [README](README.md#instantiate-the-node-api) 117 | * Brand new [README](README.md) 118 | 119 | ### Changed 120 | 121 | * Minimum NodeJS version is now 8.6.0 (breaking change) 122 | * Source no longer in zaproxy/nodejs/api/zapv2. Now in its own repository [zaproxy/zap-api-nodejs](https://github.com/zaproxy/zap-api-nodejs) 123 | * License changed from MIT to [Apache 2.0](https://github.com/zaproxy/zap-api-nodejs/blob/main/LICENSE) 124 | * Replaced many `var`s with `const`s 125 | 126 | ### Removed 127 | 128 | * The explicit `apikey` on many API methods (breaking change) 129 | * [lodash](https://www.npmjs.com/package/lodash) 130 | 131 | ### Security 132 | 133 | * Fixed all 12 known security defects by updating the dependencies 134 | 135 | ## 0.3.0 - 2017-12-04 136 | 137 | 138 | [2.0.0-rc.7]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.6...v2.0.0-rc.7 139 | [2.0.0-rc.6]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.5...v2.0.0-rc.6 140 | [2.0.0-rc.5]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.4...v2.0.0-rc.5 141 | [2.0.0-rc.4]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.3...v2.0.0-rc.4 142 | [2.0.0-rc.3]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.2...v2.0.0-rc.3 143 | [2.0.0-rc.2]: https://github.com/zaproxy/zap-api-nodejs/compare/v2.0.0-rc.1...v2.0.0-rc.2 144 | [2.0.0-rc.1]: 
https://github.com/zaproxy/zap-api-nodejs/compare/v1.0.1...v2.0.0-rc.1 145 | [1.0.1]: https://github.com/zaproxy/zap-api-nodejs/compare/v1.0.0-rc.1...v1.0.1 146 | [1.0.0-rc.1]: https://github.com/zaproxy/zap-api-nodejs/compare/ccad7bac914e3572dba4e9d09fc2114bb5208d8d...v1.0.0-rc.1 147 | -------------------------------------------------------------------------------- /src/index.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 
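*/

const axios = require('axios')
const AccessControl = require('./accessControl')
const Acsrf = require('./acsrf')
const AjaxSpider = require('./ajaxSpider')
const Alert = require('./alert')
const AlertFilter = require('./alertFilter')
const Ascan = require('./ascan')
const Authentication = require('./authentication')
const Authorization = require('./authorization')
const Automation = require('./automation')
const Autoupdate = require('./autoupdate')
const Brk = require('./brk')
const Client = require('./client')
const ClientSpider = require('./clientSpider')
const Context = require('./context')
const Core = require('./core')
const Exim = require('./exim')
const ForcedUser = require('./forcedUser')
const Graphql = require('./graphql')
const HttpSessions = require('./httpSessions')
const Network = require('./network')
const Oast = require('./oast')
const Openapi = require('./openapi')
const Params = require('./params')
const Pnh = require('./pnh')
const Postman = require('./postman')
const Pscan = require('./pscan')
const Reports = require('./reports')
const Replacer = require('./replacer')
const Reveal = require('./reveal')
const Retest = require('./retest')
const Revisit = require('./revisit')
const RuleConfig = require('./ruleConfig')
const Script = require('./script')
const Search = require('./search')
const Selenium = require('./selenium')
const SessionManagement = require('./sessionManagement')
const Soap = require('./soap')
const Spider = require('./spider')
const Stats = require('./stats')
const Users = require('./users')
const Wappalyzer = require('./wappalyzer')
const Websocket = require('./websocket')

const BASE_URL_JSON = 'http://zap/JSON'
const BASE_URL_OTHER = 'http://zap/OTHER'

/**
 * Entry point of the ZAP API client: builds the request defaults and one
 * wrapper object per ZAP API component.
 *
 * The request defaults are kept on the instance. They used to live in an
 * implicit global (`defaultAxiosConfig`), so a second `ClientApi` silently
 * replaced the API key and proxy of the first one, and the key was readable
 * by every module in the process.
 * NOTE(review): confirm nothing outside this file read that global.
 *
 * The key is sent in the `X-ZAP-API-Key` header of plain-HTTP requests to the
 * `zap` host through `options.proxy`, so the hop between this client and the
 * proxy should stay on loopback or an otherwise trusted network.
 *
 * @param {Object} options
 * @param {string} [options.apiKey] - ZAP API key; no key header is sent when falsy
 * @param {Object} [options.proxy] - passed unchanged as the axios `proxy` setting
 */
function ClientApi (options) {
  // Non-enumerable so that printing or serialising the client does not
  // include the API key.
  Object.defineProperty(this, 'axiosDefaults', {
    value: {
      params: {},
      baseURL: BASE_URL_JSON,
      headers: options.apiKey ? { 'X-ZAP-API-Key': options.apiKey } : {},
      proxy: options.proxy
    },
    enumerable: false
  })

  this.accessControl = new AccessControl(this)
  this.acsrf = new Acsrf(this)
  this.ajaxSpider = new AjaxSpider(this)
  this.alert = new Alert(this)
  this.alertFilter = new AlertFilter(this)
  this.ascan = new Ascan(this)
  this.authentication = new Authentication(this)
  this.authorization = new Authorization(this)
  this.automation = new Automation(this)
  this.autoupdate = new Autoupdate(this)
  this.brk = new Brk(this)
  this.client = new Client(this)
  this.clientSpider = new ClientSpider(this)
  this.context = new Context(this)
  this.core = new Core(this)
  this.exim = new Exim(this)
  this.forcedUser = new ForcedUser(this)
  this.graphql = new Graphql(this)
  this.httpSessions = new HttpSessions(this)
  this.network = new Network(this)
  this.oast = new Oast(this)
  this.openapi = new Openapi(this)
  this.params = new Params(this)
  this.pnh = new Pnh(this)
  this.postman = new Postman(this)
  this.pscan = new Pscan(this)
  this.replacer = new Replacer(this)
  this.reports = new Reports(this)
  this.retest = new Retest(this)
  this.reveal = new Reveal(this)
  this.revisit = new Revisit(this)
  this.ruleConfig = new RuleConfig(this)
  this.script = new Script(this)
  this.search = new Search(this)
  this.selenium = new Selenium(this)
  this.sessionManagement = new SessionManagement(this)
  this.soap = new Soap(this)
  this.spider = new Spider(this)
  this.stats = new Stats(this)
  this.users = new Users(this)
  this.wappalyzer = new Wappalyzer(this)
  this.websocket = new Websocket(this)
}

/**
 * Error type used for every failed API call. Exposes the HTTP status and
 * body of the response (when there was one) under `response`.
 *
 * The original error is retained as `cause`. For axios errors that object
 * carries the request configuration, including the `X-ZAP-API-Key` header,
 * so log `message` and `response` rather than the whole error chain.
 */
class ApiClientError extends Error {
  /**
   * @param {Error} err - the error raised while performing the request
   */
  constructor (err) {
    super(err.message, { cause: err })
    this.name = 'ApiClientError'
    this.response = {
      status: err.response?.status,
      data: err.response?.data
    }
  }
}

/**
 * Sends one request to the ZAP API using this client's defaults.
 *
 * Must be invoked as a method of a `ClientApi` instance (the component
 * wrappers call it as `this.api.request(...)`), because the defaults are
 * read from `this`.
 *
 * @param {string} url - endpoint path, relative to the base URL
 * @param {Object} [data] - query parameters for GET, form body otherwise
 * @param {string} [format] - 'other' selects the OTHER base URL instead of JSON
 * @param {string} [method='GET'] - HTTP method
 * @returns {Promise<*>} resolves with the response body
 * @throws {ApiClientError} (as a rejection) on any connection or API error
 */
ClientApi.prototype.request = async function (url, data, format, method = 'GET') {
  try {
    // Clone so per-request changes never leak into the shared defaults.
    const requestConfig = structuredClone(this.axiosDefaults)
    requestConfig.method = method
    requestConfig.url = url
    if (data) {
      if (method === 'GET') {
        requestConfig.params = data
      } else {
        requestConfig.headers = {
          ...requestConfig.headers,
          'content-type': 'application/x-www-form-urlencoded'
        }
        requestConfig.data = data
      }
    }
    if (format === 'other') {
      requestConfig.baseURL = BASE_URL_OTHER
    }
    const response = await axios.request(requestConfig)

    return response.data
  } catch (error) {
    throw new ApiClientError(error)
  }
}

module.exports = ClientApi

--------------------------------------------------------------------------------
/src/httpSessions.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.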
* See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 *
 * Wrapper for the `httpSessions` component of the ZAP API. Each method
 * forwards to `request()` on the client object given here.
 * @param {Object} clientApi - object exposing `request(url, data)`
 */
function HttpSessions (clientApi) {
  this.api = clientApi
}

/**
 * Gets all of the sites that have sessions.
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.sites = function () {
  const path = '/httpSessions/view/sites/'
  return this.api.request(path)
}

/**
 * Gets the sessions for the given site. Optionally returning just the session with the given name.
 * NOTE(review): the session data presumably includes live token values;
 * keep the response out of logs and reports — confirm against ZAP's output.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} [args.session] - omitted from the request when falsy
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.sessions = function (args) {
  const { site, session } = args
  const query = { site }
  if (session) {
    query.session = session
  }
  return this.api.request('/httpSessions/view/sessions/', query)
}

/**
 * Gets the name of the active session for the given site.
 * @param {Object} args
 * @param {string} args.site
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.activeSession = function (args) {
  const { site } = args
  return this.api.request('/httpSessions/view/activeSession/', { site })
}

/**
 * Gets the names of the session tokens for the given site.
 * @param {Object} args
 * @param {string} args.site
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.sessionTokens = function (args) {
  const { site } = args
  return this.api.request('/httpSessions/view/sessionTokens/', { site })
}

/**
 * Gets the default session tokens.
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.defaultSessionTokens = function () {
  const path = '/httpSessions/view/defaultSessionTokens/'
  return this.api.request(path)
}

/**
 * Creates an empty session for the given site. Optionally with the given name.
* @param {Object} args
 * @param {string} args.site
 * @param {string} [args.session] - omitted from the request when falsy
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.createEmptySession = function (args) {
  const { site, session } = args
  const query = { site }
  if (session) {
    query.session = session
  }
  return this.api.request('/httpSessions/action/createEmptySession/', query)
}

/**
 * Removes the session from the given site.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} args.session
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.removeSession = function (args) {
  const { site, session } = args
  return this.api.request('/httpSessions/action/removeSession/', { site, session })
}

/**
 * Sets the given session as active for the given site.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} args.session
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.setActiveSession = function (args) {
  const { site, session } = args
  return this.api.request('/httpSessions/action/setActiveSession/', { site, session })
}

/**
 * Unsets the active session of the given site.
 * @param {Object} args
 * @param {string} args.site
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.unsetActiveSession = function (args) {
  const { site } = args
  return this.api.request('/httpSessions/action/unsetActiveSession/', { site })
}

/**
 * Adds the session token to the given site.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.addSessionToken = function (args) {
  const { site, sessiontoken: sessionToken } = args
  return this.api.request('/httpSessions/action/addSessionToken/', { site, sessionToken })
}

/**
 * Removes the session token from the given site.
* @param {Object} args
 * @param {string} args.site
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.removeSessionToken = function (args) {
  const { site, sessiontoken: sessionToken } = args
  return this.api.request('/httpSessions/action/removeSessionToken/', { site, sessionToken })
}

/**
 * Sets the value of the session token of the given session for the given site.
 * `tokenvalue` is a credential for the target application: it is placed in
 * the request parameters as given, so avoid logging the arguments.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} args.session
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @param {string} args.tokenvalue - sent to ZAP as `tokenValue`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.setSessionTokenValue = function (args) {
  const { site, session, sessiontoken: sessionToken, tokenvalue: tokenValue } = args
  return this.api.request('/httpSessions/action/setSessionTokenValue/', { site, session, sessionToken, tokenValue })
}

/**
 * Renames the session of the given site.
 * @param {Object} args
 * @param {string} args.site
 * @param {string} args.oldsessionname - sent to ZAP as `oldSessionName`
 * @param {string} args.newsessionname - sent to ZAP as `newSessionName`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.renameSession = function (args) {
  const { site, oldsessionname: oldSessionName, newsessionname: newSessionName } = args
  return this.api.request('/httpSessions/action/renameSession/', { site, oldSessionName, newSessionName })
}

/**
 * Adds a default session token with the given name and enabled state.
 * `tokenenabled` is only forwarded when truthy, so a boolean `false` is
 * dropped from the request; pass the string 'false' to send it.
 * @param {Object} args
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @param {string} [args.tokenenabled] - sent to ZAP as `tokenEnabled`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.addDefaultSessionToken = function (args) {
  const { sessiontoken: sessionToken, tokenenabled: tokenEnabled } = args
  const query = { sessionToken }
  if (tokenEnabled) {
    query.tokenEnabled = tokenEnabled
  }
  return this.api.request('/httpSessions/action/addDefaultSessionToken/', query)
}

/**
 * Sets whether or not the default session token with the given name is enabled.
* @param {Object} args
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @param {string} args.tokenenabled - sent to ZAP as `tokenEnabled`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.setDefaultSessionTokenEnabled = function (args) {
  const { sessiontoken: sessionToken, tokenenabled: tokenEnabled } = args
  return this.api.request('/httpSessions/action/setDefaultSessionTokenEnabled/', { sessionToken, tokenEnabled })
}

/**
 * Removes the default session token with the given name.
 * @param {Object} args
 * @param {string} args.sessiontoken - sent to ZAP as `sessionToken`
 * @returns {Promise<*>} response body from the ZAP API
 **/
HttpSessions.prototype.removeDefaultSessionToken = function (args) {
  const { sessiontoken: sessionToken } = args
  return this.api.request('/httpSessions/action/removeDefaultSessionToken/', { sessionToken })
}

module.exports = HttpSessions

--------------------------------------------------------------------------------
/src/pscan.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 *
 * Wrapper for the `pscan` (passive scanner) component of the ZAP API. Each
 * method forwards to `request()` on the client object given here.
 * @param {Object} clientApi - object exposing `request(url, data)`
 */
function Pscan (clientApi) {
  this.api = clientApi
}

/**
 * Tells whether or not the passive scan should be performed only on messages that are in scope.
* This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.scanOnlyInScope = function () {
  const path = '/pscan/view/scanOnlyInScope/'
  return this.api.request(path)
}

/**
 * The number of records the passive scanner still has to scan.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.recordsToScan = function () {
  const path = '/pscan/view/recordsToScan/'
  return this.api.request(path)
}

/**
 * Lists all passive scan rules with their ID, name, enabled state, and alert threshold.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.scanners = function () {
  const path = '/pscan/view/scanners/'
  return this.api.request(path)
}

/**
 * Shows information about the passive scan rule currently being run (if any).
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.currentRule = function () {
  const path = '/pscan/view/currentRule/'
  return this.api.request(path)
}

/**
 * Shows information about the passive scan tasks currently being run (if any).
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.currentTasks = function () {
  const path = '/pscan/view/currentTasks/'
  return this.api.request(path)
}

/**
 * Gets the maximum number of alerts a passive scan rule should raise.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.maxAlertsPerRule = function () {
  const path = '/pscan/view/maxAlertsPerRule/'
  return this.api.request(path)
}

/**
 * Gets the maximum body size in bytes that the passive scanner will scan.
* This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.maxBodySizeInBytes = function () {
  const path = '/pscan/view/maxBodySizeInBytes/'
  return this.api.request(path)
}

/**
 * Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted).
 * This component is optional and therefore the API will only work if it is installed
 * While passive scanning is disabled, traffic passing through ZAP raises no
 * passive-scan alerts, so record the state alongside any results.
 * @param {Object} args
 * @param {string} args.enabled - The enabled state, true or false.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.setEnabled = function (args) {
  const { enabled } = args
  return this.api.request('/pscan/action/setEnabled/', { enabled })
}

/**
 * Sets whether or not the passive scan should be performed only on messages that are in scope.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.onlyinscope - The scan state, true or false. Sent to ZAP as `onlyInScope`.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.setScanOnlyInScope = function (args) {
  const { onlyinscope: onlyInScope } = args
  return this.api.request('/pscan/action/setScanOnlyInScope/', { onlyInScope })
}

/**
 * Enables all passive scan rules.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.enableAllScanners = function () {
  const path = '/pscan/action/enableAllScanners/'
  return this.api.request(path)
}

/**
 * Disables all passive scan rules.
 * This component is optional and therefore the API will only work if it is installed
 * Findings those rules would have raised are absent from later results
 * until the rules are enabled again.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.disableAllScanners = function () {
  const path = '/pscan/action/disableAllScanners/'
  return this.api.request(path)
}

/**
 * Enables passive scan rules.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.ids - A comma separated list of scan rule IDs.
**/
Pscan.prototype.enableScanners = function (args) {
  // args.ids: comma separated list of scan rule IDs, forwarded unchanged.
  const { ids } = args
  return this.api.request('/pscan/action/enableScanners/', { ids })
}

/**
 * Disables passive scan rules.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.ids - A comma separated list of scan rule IDs.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.disableScanners = function (args) {
  const { ids } = args
  return this.api.request('/pscan/action/disableScanners/', { ids })
}

/**
 * Sets the alert threshold of a passive scan rule.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.id - The ID of the scan rule.
 * @param {string} args.alertthreshold - The alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH. Sent to ZAP as `alertThreshold`.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.setScannerAlertThreshold = function (args) {
  const { id, alertthreshold: alertThreshold } = args
  return this.api.request('/pscan/action/setScannerAlertThreshold/', { id, alertThreshold })
}

/**
 * Sets the maximum number of alerts a passive scan rule can raise.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.maxalerts - The maximum number of alerts. Sent to ZAP as `maxAlerts`.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.setMaxAlertsPerRule = function (args) {
  const { maxalerts: maxAlerts } = args
  return this.api.request('/pscan/action/setMaxAlertsPerRule/', { maxAlerts })
}

/**
 * Sets the maximum body size in bytes that the passive scanner will scan.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args
 * @param {string} args.maxsize - The maximum size in bytes, 0 to unset. Sent to ZAP as `maxSize`.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.setMaxBodySizeInBytes = function (args) {
  const { maxsize: maxSize } = args
  return this.api.request('/pscan/action/setMaxBodySizeInBytes/', { maxSize })
}

/**
 * Disables all passive scan tags.
* This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.disableAllTags = function () {
  const path = '/pscan/action/disableAllTags/'
  return this.api.request(path)
}

/**
 * Enables all passive scan tags.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.enableAllTags = function () {
  const path = '/pscan/action/enableAllTags/'
  return this.api.request(path)
}

/**
 * Clears the passive scan queue.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): messages removed from the queue are presumably never
 * passively scanned afterwards — confirm before using this mid-assessment.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Pscan.prototype.clearQueue = function () {
  const path = '/pscan/action/clearQueue/'
  return this.api.request(path)
}

module.exports = Pscan

--------------------------------------------------------------------------------
/src/autoupdate.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
*
 * Wrapper for the `autoupdate` component of the ZAP API. Each method
 * forwards to `request()` on the client object given here. The `option*`
 * views and `setOption*` actions carry no description upstream, so they are
 * documented by endpoint only.
 * @param {Object} clientApi - object exposing `request(url, data)`
 */
function Autoupdate (clientApi) {
  this.api = clientApi
}

/**
 * Returns the latest version number
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.latestVersionNumber = function () {
  const path = '/autoupdate/view/latestVersionNumber/'
  return this.api.request(path)
}

/**
 * Returns 'true' if ZAP is on the latest version
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.isLatestVersion = function () {
  const path = '/autoupdate/view/isLatestVersion/'
  return this.api.request(path)
}

/**
 * Return a list of all of the installed add-ons
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.installedAddons = function () {
  const path = '/autoupdate/view/installedAddons/'
  return this.api.request(path)
}

/**
 * Returns a list with all local add-ons, installed or not.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.localAddons = function () {
  const path = '/autoupdate/view/localAddons/'
  return this.api.request(path)
}

/**
 * Return a list of any add-ons that have been added to the Marketplace since the last check for updates
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.newAddons = function () {
  const path = '/autoupdate/view/newAddons/'
  return this.api.request(path)
}

/**
 * Return a list of any add-ons that have been changed in the Marketplace since the last check for updates
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.updatedAddons = function () {
  const path = '/autoupdate/view/updatedAddons/'
  return this.api.request(path)
}

/**
 * Return a list of all of the add-ons on the ZAP Marketplace (this information is read once and then cached)
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.marketplaceAddons = function () {
  const path = '/autoupdate/view/marketplaceAddons/'
  return this.api.request(path)
}

/**
 * Reads the `optionAddonDirectories` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionAddonDirectories = function () {
  const path = '/autoupdate/view/optionAddonDirectories/'
  return this.api.request(path)
}

/**
 * Reads the `optionDayLastChecked` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionDayLastChecked = function () {
  const path = '/autoupdate/view/optionDayLastChecked/'
  return this.api.request(path)
}

/**
 * Reads the `optionDayLastInstallWarned` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionDayLastInstallWarned = function () {
  const path = '/autoupdate/view/optionDayLastInstallWarned/'
  return this.api.request(path)
}

/**
 * Reads the `optionDayLastUpdateWarned` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionDayLastUpdateWarned = function () {
  const path = '/autoupdate/view/optionDayLastUpdateWarned/'
  return this.api.request(path)
}

/**
 * Reads the `optionDownloadDirectory` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionDownloadDirectory = function () {
  const path = '/autoupdate/view/optionDownloadDirectory/'
  return this.api.request(path)
}

/**
 * Reads the `optionCheckAddonUpdates` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionCheckAddonUpdates = function () {
  const path = '/autoupdate/view/optionCheckAddonUpdates/'
  return this.api.request(path)
}

/**
 * Reads the `optionCheckOnStart` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionCheckOnStart = function () {
  const path = '/autoupdate/view/optionCheckOnStart/'
  return this.api.request(path)
}

/**
 * Reads the `optionDownloadNewRelease` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionDownloadNewRelease = function () {
  const path = '/autoupdate/view/optionDownloadNewRelease/'
  return this.api.request(path)
}

/**
 * Reads the `optionInstallAddonUpdates` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionInstallAddonUpdates = function () {
  const path = '/autoupdate/view/optionInstallAddonUpdates/'
  return this.api.request(path)
}

/**
 * Reads the `optionInstallScannerRules` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionInstallScannerRules = function () {
  const path = '/autoupdate/view/optionInstallScannerRules/'
  return this.api.request(path)
}

/**
 * Reads the `optionReportAlphaAddons` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionReportAlphaAddons = function () {
  const path = '/autoupdate/view/optionReportAlphaAddons/'
  return this.api.request(path)
}

/**
 * Reads the `optionReportBetaAddons` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionReportBetaAddons = function () {
  const path = '/autoupdate/view/optionReportBetaAddons/'
  return this.api.request(path)
}

/**
 * Reads the `optionReportReleaseAddons` view.
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.optionReportReleaseAddons = function () {
  const path = '/autoupdate/view/optionReportReleaseAddons/'
  return this.api.request(path)
}

/**
 * Downloads the latest release, if any
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.downloadLatestRelease = function () {
  const path = '/autoupdate/action/downloadLatestRelease/'
  return this.api.request(path)
}

/**
 * Installs or updates the specified add-on, returning when complete (i.e. not asynchronously)
 * Add-ons are code loaded into the ZAP process, so `id` should come from a
 * fixed, reviewed list rather than from user-controlled input.
 * @param {Object} args
 * @param {string} args.id
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.installAddon = function (args) {
  const { id } = args
  return this.api.request('/autoupdate/action/installAddon/', { id })
}

/**
 * Calls the `installLocalAddon` action with the given file.
 * NOTE(review): `file` is presumably a path on the machine running ZAP —
 * confirm. Only point it at add-on files from a trusted source and never
 * build the value from user-controlled input.
 * @param {Object} args
 * @param {string} args.file
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.installLocalAddon = function (args) {
  const { file } = args
  return this.api.request('/autoupdate/action/installLocalAddon/', { file })
}

/**
 * Uninstalls the specified add-on
 * @param {Object} args
 * @param {string} args.id
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.uninstallAddon = function (args) {
  const { id } = args
  return this.api.request('/autoupdate/action/uninstallAddon/', { id })
}

/**
 * Calls the `setOptionCheckAddonUpdates` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionCheckAddonUpdates = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionCheckAddonUpdates/', { Boolean: bool })
}

/**
 * Calls the `setOptionCheckOnStart` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionCheckOnStart = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionCheckOnStart/', { Boolean: bool })
}

/**
 * Calls the `setOptionDownloadNewRelease` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionDownloadNewRelease = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionDownloadNewRelease/', { Boolean: bool })
}

/**
 * Calls the `setOptionInstallAddonUpdates` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionInstallAddonUpdates = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionInstallAddonUpdates/', { Boolean: bool })
}

/**
 * Calls the `setOptionInstallScannerRules` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionInstallScannerRules = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionInstallScannerRules/', { Boolean: bool })
}

/**
 * Calls the `setOptionReportAlphaAddons` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionReportAlphaAddons = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionReportAlphaAddons/', { Boolean: bool })
}

/**
 * Calls the `setOptionReportBetaAddons` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionReportBetaAddons = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionReportBetaAddons/', { Boolean: bool })
}

/**
 * Calls the `setOptionReportReleaseAddons` action.
 * @param {Object} args
 * @param {string} args.bool - sent to ZAP as the `Boolean` parameter
 * @returns {Promise<*>} response body from the ZAP API
 **/
Autoupdate.prototype.setOptionReportReleaseAddons = function (args) {
  const { bool } = args
  return this.api.request('/autoupdate/action/setOptionReportReleaseAddons/', { Boolean: bool })
}

module.exports = Autoupdate

--------------------------------------------------------------------------------
/src/graphql.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
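* You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Graphql (clientApi) {
  // Every method below delegates to clientApi.request(path, params).
  this.api = clientApi
}

/**
 * Returns how arguments are currently specified.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionArgsType = function () {
  return this.api.request('/graphql/view/optionArgsType/')
}

/**
 * Returns whether or not lenient maximum query generation depth is enabled.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionLenientMaxQueryDepthEnabled = function () {
  return this.api.request('/graphql/view/optionLenientMaxQueryDepthEnabled/')
}

/**
 * Returns the current maximum additional query generation depth.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionMaxAdditionalQueryDepth = function () {
  return this.api.request('/graphql/view/optionMaxAdditionalQueryDepth/')
}

/**
 * Returns the current maximum arguments generation depth.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionMaxArgsDepth = function () {
  return this.api.request('/graphql/view/optionMaxArgsDepth/')
}

/**
 * Returns the current maximum query generation depth.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionMaxQueryDepth = function () {
  return this.api.request('/graphql/view/optionMaxQueryDepth/')
}

/**
 * Returns whether or not optional arguments are currently specified.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionOptionalArgsEnabled = function () {
  return this.api.request('/graphql/view/optionOptionalArgsEnabled/')
}

/**
 * Returns whether the query generator is enabled.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionQueryGenEnabled = function () {
  return this.api.request('/graphql/view/optionQueryGenEnabled/')
}

/**
 * Returns the current level for which a single query is generated.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionQuerySplitType = function () {
  return this.api.request('/graphql/view/optionQuerySplitType/')
}

/**
 * Returns the current request method.
 * This component is optional and therefore the API will only work if it is installed
 **/
Graphql.prototype.optionRequestMethod = function () {
  return this.api.request('/graphql/view/optionRequestMethod/')
}

/**
 * Imports a GraphQL Schema from a File.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): presumably `file` is opened by the ZAP instance, not by this
 * client - confirm; do not forward an unvalidated path.
 * @param {string} endurl - The Endpoint URL.
 * @param {string} file - The File That Contains the GraphQL Schema.
 **/
Graphql.prototype.importFile = function (args) {
  return this.api.request('/graphql/action/importFile/', { endurl: args.endurl, file: args.file })
}

/**
 * Imports a GraphQL Schema from a URL.
 * This component is optional and therefore the API will only work if it is installed
 * NOTE(review): presumably ZAP itself fetches `url` - confirm; if so, restrict
 * the value to expected hosts before forwarding it.
 * @param {string} endurl - The Endpoint URL.
 * @param {string} url - The URL Locating the GraphQL Schema. Only forwarded when supplied.
 **/
Graphql.prototype.importUrl = function (args) {
  const params = { endurl: args.endurl }
  // Forward the optional value only when the caller supplied one.
  if (args.url != null && args.url !== '') {
    params.url = args.url
  }
  return this.api.request('/graphql/action/importUrl/', params)
}

/**
 * Sets how arguments are specified.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} string - Can be "INLINE", "VARIABLES", or "BOTH".
 **/
Graphql.prototype.setOptionArgsType = function (args) {
  return this.api.request('/graphql/action/setOptionArgsType/', { String: args.string })
}

/**
 * Sets the level for which a single query is generated.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} string - Can be "LEAF", "ROOT_FIELD", or "OPERATION".
 **/
Graphql.prototype.setOptionQuerySplitType = function (args) {
  return this.api.request('/graphql/action/setOptionQuerySplitType/', { String: args.string })
}

/**
 * Sets the request method.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} string - Can be "POST_JSON", "POST_GRAPHQL", or "GET".
 **/
Graphql.prototype.setOptionRequestMethod = function (args) {
  return this.api.request('/graphql/action/setOptionRequestMethod/', { String: args.string })
}

/**
 * Sets whether or not Maximum Query Depth is enforced leniently.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} bool - Enforce Leniently (true or false).
 **/
Graphql.prototype.setOptionLenientMaxQueryDepthEnabled = function (args) {
  return this.api.request('/graphql/action/setOptionLenientMaxQueryDepthEnabled/', { Boolean: args.bool })
}

/**
 * Sets the maximum additional query generation depth (used if enforced leniently).
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} integer - The Maximum Additional Depth.
 **/
Graphql.prototype.setOptionMaxAdditionalQueryDepth = function (args) {
  return this.api.request('/graphql/action/setOptionMaxAdditionalQueryDepth/', { Integer: args.integer })
}

/**
 * Sets the maximum arguments generation depth.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} integer - The Maximum Depth.
 **/
Graphql.prototype.setOptionMaxArgsDepth = function (args) {
  return this.api.request('/graphql/action/setOptionMaxArgsDepth/', { Integer: args.integer })
}

/**
 * Sets the maximum query generation depth.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} integer - The Maximum Depth.
 **/
Graphql.prototype.setOptionMaxQueryDepth = function (args) {
  return this.api.request('/graphql/action/setOptionMaxQueryDepth/', { Integer: args.integer })
}

/**
 * Sets whether or not Optional Arguments should be specified.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} bool - Specify Optional Arguments (true or false).
 **/
Graphql.prototype.setOptionOptionalArgsEnabled = function (args) {
  return this.api.request('/graphql/action/setOptionOptionalArgsEnabled/', { Boolean: args.bool })
}

/**
 * Sets whether the query generator is enabled.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} bool - Enable query generation (true or false).
 **/
Graphql.prototype.setOptionQueryGenEnabled = function (args) {
  return this.api.request('/graphql/action/setOptionQueryGenEnabled/', { Boolean: args.bool })
}

module.exports = Graphql

--------------------------------------------------------------------------------
/src/users.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Users (clientApi) {
  // Every method below delegates to clientApi.request(path, params).
  this.api = clientApi
}

/**
 * Gets a list of users that belong to the context with the given ID, or all users if none provided.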
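* @param {string} contextid - The Context ID (optional)
 **/
Users.prototype.usersList = function (args = {}) {
  // `args` defaults to {} so that usersList() lists all users, as documented,
  // instead of throwing on `undefined.contextid`.
  const params = { }
  if (args.contextid != null && args.contextid !== '') {
    params.contextId = args.contextid
  }
  return this.api.request('/users/view/usersList/', params)
}

/**
 * Gets the data of the user with the given ID that belongs to the context with the given ID.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.getUserById = function (args) {
  return this.api.request('/users/view/getUserById/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Gets the configuration parameters for the credentials of the context with the given ID.
 * @param {string} contextid - The Context ID
 **/
Users.prototype.getAuthenticationCredentialsConfigParams = function (args) {
  return this.api.request('/users/view/getAuthenticationCredentialsConfigParams/', { contextId: args.contextid })
}

/**
 * Gets the authentication credentials of the user with given ID that belongs to the context with the given ID.
 * NOTE(review): the response carries the user's credentials; keep it out of
 * logs, error reports and test artefacts.
 * @param {string} contextid - The Context ID
 * @param {string} userid - the User ID
 **/
Users.prototype.getAuthenticationCredentials = function (args) {
  return this.api.request('/users/view/getAuthenticationCredentials/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Gets the authentication state information for the user identified by the Context and User Ids.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.getAuthenticationState = function (args) {
  return this.api.request('/users/view/getAuthenticationState/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Gets the authentication session information for the user identified by the Context and User Ids, e.g. cookies and realm credentials.
 * NOTE(review): session cookies and realm credentials are secrets; handle the
 * response accordingly and avoid logging it.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.getAuthenticationSession = function (args) {
  return this.api.request('/users/view/getAuthenticationSession/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Creates a new user with the given name for the context with the given ID.
 * @param {string} contextid - The Context ID
 * @param {string} name
 **/
Users.prototype.newUser = function (args) {
  return this.api.request('/users/action/newUser/', { contextId: args.contextid, name: args.name })
}

/**
 * Removes the user with the given ID that belongs to the context with the given ID.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.removeUser = function (args) {
  return this.api.request('/users/action/removeUser/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Sets whether or not the user, with the given ID that belongs to the context with the given ID, should be enabled.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 * @param {string} enabled
 **/
Users.prototype.setUserEnabled = function (args) {
  return this.api.request('/users/action/setUserEnabled/', { contextId: args.contextid, userId: args.userid, enabled: args.enabled })
}

/**
 * Renames the user with the given ID that belongs to the context with the given ID.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 * @param {string} name
 **/
Users.prototype.setUserName = function (args) {
  return this.api.request('/users/action/setUserName/', { contextId: args.contextid, userId: args.userid, name: args.name })
}

/**
 * Sets the authentication credentials for the user with the given ID that belongs to the context with the given ID.
 * NOTE(review): the credentials are handed to this.api.request as an ordinary
 * parameter; how that call transmits them is not visible in this file -
 * confirm they cannot end up in a logged URL.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 * @param {string} authcredentialsconfigparams - Only forwarded when supplied.
 **/
Users.prototype.setAuthenticationCredentials = function (args) {
  const params = { contextId: args.contextid, userId: args.userid }
  if (args.authcredentialsconfigparams != null && args.authcredentialsconfigparams !== '') {
    params.authCredentialsConfigParams = args.authcredentialsconfigparams
  }
  return this.api.request('/users/action/setAuthenticationCredentials/', params)
}

/**
 * Tries to authenticate as the identified user, returning the authentication request and whether it appears to have succeeded.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.authenticateAsUser = function (args) {
  return this.api.request('/users/action/authenticateAsUser/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Tries to poll as the identified user, returning the authentication request and whether it appears to have succeeded. This will only work if the polling verification strategy has been configured.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 **/
Users.prototype.pollAsUser = function (args) {
  return this.api.request('/users/action/pollAsUser/', { contextId: args.contextid, userId: args.userid })
}

/**
 * Sets fields in the authentication state for the user identified by the Context and User Ids.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 * @param {string} lastpollresult - Last Poll Result - optional, should be 'true' or 'false'.
 * @param {string} lastpolltimeinms - Last Poll Time in Milliseconds - optional, should be a long or 'NOW' for the current time in ms.
 * @param {string} requestssincelastpoll - Requests Since Last Poll - optional, should be an integer.
 **/
Users.prototype.setAuthenticationState = function (args) {
  const params = { contextId: args.contextid, userId: args.userid }
  // Optional fields are forwarded whenever the caller supplied a value. A plain
  // truthiness test would silently drop a boolean `false` poll result or a
  // numeric `0` counter, leaving the stored state unchanged.
  if (args.lastpollresult != null && args.lastpollresult !== '') {
    params.lastPollResult = args.lastpollresult
  }
  if (args.lastpolltimeinms != null && args.lastpolltimeinms !== '') {
    params.lastPollTimeInMs = args.lastpolltimeinms
  }
  if (args.requestssincelastpoll != null && args.requestssincelastpoll !== '') {
    params.requestsSinceLastPoll = args.requestssincelastpoll
  }
  return this.api.request('/users/action/setAuthenticationState/', params)
}

/**
 * Sets the specified cookie for the user identified by the Context and User Ids.
 * NOTE(review): `value` is typically a session secret; avoid logging the
 * arguments passed to this method.
 * @param {string} contextid - The Context ID
 * @param {string} userid - The User ID
 * @param {string} domain - The Cookie Domain
 * @param {string} name - The Cookie Name
 * @param {string} value - The Cookie Value
 * @param {string} path - The Cookie Path - optional default no path
 * @param {string} secure - If the Cookie is secure - optional default false
 **/
Users.prototype.setCookie = function (args) {
  const params = { contextId: args.contextid, userId: args.userid, domain: args.domain, name: args.name, value: args.value }
  if (args.path != null && args.path !== '') {
    params.path = args.path
  }
  // An explicit `false` is forwarded rather than dropped, so the request states
  // what the caller asked for.
  if (args.secure != null && args.secure !== '') {
    params.secure = args.secure
  }
  return this.api.request('/users/action/setCookie/', params)
}

module.exports = Users

--------------------------------------------------------------------------------
/src/context.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.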
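*
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Context (clientApi) {
  // Every method below delegates to clientApi.request(path, params).
  this.api = clientApi
}

/**
 * List context names of current session
 **/
Context.prototype.contextList = function () {
  return this.api.request('/context/view/contextList/')
}

/**
 * List excluded regexs for context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.excludeRegexs = function (args) {
  return this.api.request('/context/view/excludeRegexs/', { contextName: args.contextname })
}

/**
 * List included regexs for context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.includeRegexs = function (args) {
  return this.api.request('/context/view/includeRegexs/', { contextName: args.contextname })
}

/**
 * List the information about the named context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.context = function (args) {
  return this.api.request('/context/view/context/', { contextName: args.contextname })
}

/**
 * Lists the names of all built in technologies
 **/
Context.prototype.technologyList = function () {
  return this.api.request('/context/view/technologyList/')
}

/**
 * Lists the names of all technologies included in a context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.includedTechnologyList = function (args) {
  return this.api.request('/context/view/includedTechnologyList/', { contextName: args.contextname })
}

/**
 * Lists the names of all technologies excluded from a context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.excludedTechnologyList = function (args) {
  return this.api.request('/context/view/excludedTechnologyList/', { contextName: args.contextname })
}

/**
 * Lists the URLs accessed through/by ZAP, that belong to the context with the given name.
 * @param {string} contextname - The name of the context
 **/
Context.prototype.urls = function (args) {
  return this.api.request('/context/view/urls/', { contextName: args.contextname })
}

/**
 * Add exclude regex to context
 * NOTE(review): the regex narrows what the context covers; a pattern that is
 * broader than intended silently removes targets from it.
 * @param {string} contextname - The name of the context
 * @param {string} regex
 **/
Context.prototype.excludeFromContext = function (args) {
  return this.api.request('/context/action/excludeFromContext/', { contextName: args.contextname, regex: args.regex })
}

/**
 * Add include regex to context
 * NOTE(review): anchor the pattern to the hosts you are authorised to test; an
 * unanchored regex can pull unrelated hosts into the context.
 * @param {string} contextname - The name of the context
 * @param {string} regex
 **/
Context.prototype.includeInContext = function (args) {
  return this.api.request('/context/action/includeInContext/', { contextName: args.contextname, regex: args.regex })
}

/**
 * Set the regexs to include and exclude for a context, both supplied as JSON string arrays
 * @param {string} contextname - The name of the context
 * @param {string} incregexs
 * @param {string} excregexs
 **/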
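Context.prototype.setContextRegexs = function (args) {
  return this.api.request('/context/action/setContextRegexs/', { contextName: args.contextname, incRegexs: args.incregexs, excRegexs: args.excregexs })
}

/**
 * Set the checking strategy for a context - this defines how ZAP checks that a request is authenticated
 * @param {string} contextname - The name of the context
 * @param {string} checkingstrategy - One of EACH_RESP, EACH_REQ, EACH_REQ_RESP, POLL_URL
 * @param {string} pollurl - The URL for ZAP to poll, must be supplied if checkingStrategy = POLL_URL, otherwise ignored
 * @param {string} polldata - The POST data to supply to the pollUrl, optional and only takes effect if checkingStrategy = POLL_URL
 * @param {string} pollheaders - Any additional headers that need to be added to the poll request, separated by '\n' characters, only takes effect if checkingStrategy = POLL_URL
 * @param {string} pollfrequency - An integer greater than zero, must be supplied if checkingStrategy = POLL_URL, otherwise ignored
 * @param {string} pollfrequencyunits - One of REQUESTS, SECONDS, must be supplied if checkingStrategy = POLL_URL, otherwise ignored
 **/
Context.prototype.setContextCheckingStrategy = function (args) {
  const params = { contextName: args.contextname, checkingStrategy: args.checkingstrategy }
  // Optional fields are forwarded whenever the caller supplied a value, so an
  // out-of-range value such as a numeric 0 frequency reaches ZAP and can be
  // rejected there instead of being dropped silently on the client.
  if (args.pollurl != null && args.pollurl !== '') {
    params.pollUrl = args.pollurl
  }
  if (args.polldata != null && args.polldata !== '') {
    params.pollData = args.polldata
  }
  if (args.pollheaders != null && args.pollheaders !== '') {
    params.pollHeaders = args.pollheaders
  }
  if (args.pollfrequency != null && args.pollfrequency !== '') {
    params.pollFrequency = args.pollfrequency
  }
  if (args.pollfrequencyunits != null && args.pollfrequencyunits !== '') {
    params.pollFrequencyUnits = args.pollfrequencyunits
  }
  return this.api.request('/context/action/setContextCheckingStrategy/', params)
}

/**
 * Creates a new context with the given name in the current session
 * @param {string} contextname - The name of the context
 **/
Context.prototype.newContext = function (args) {
  return this.api.request('/context/action/newContext/', { contextName: args.contextname })
}

/**
 * Removes a context in the current session
 * @param {string} contextname - The name of the context
 **/
Context.prototype.removeContext = function (args) {
  return this.api.request('/context/action/removeContext/', { contextName: args.contextname })
}

/**
 * Exports the context with the given name to a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir.
 * NOTE(review): the path is interpreted by ZAP, and only relative paths are
 * described as confined to the "contexts" directory; do not forward an
 * unvalidated path, since the export writes a file on that host.
 * @param {string} contextname - The name of the context
 * @param {string} contextfile
 **/
Context.prototype.exportContext = function (args) {
  return this.api.request('/context/action/exportContext/', { contextName: args.contextname, contextFile: args.contextfile })
}

/**
 * Imports a context from a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir.
 * NOTE(review): the path is interpreted by ZAP; validate it before forwarding,
 * and import only context files from a trusted source (a context presumably
 * carries scope and authentication settings - confirm).
 * @param {string} contextfile
 **/
Context.prototype.importContext = function (args) {
  return this.api.request('/context/action/importContext/', { contextFile: args.contextfile })
}

/**
 * Includes technologies with the given names, separated by a comma, to a context
 * @param {string} contextname - The name of the context
 * @param {string} technologynames
 **/
Context.prototype.includeContextTechnologies = function (args) {
  return this.api.request('/context/action/includeContextTechnologies/', { contextName: args.contextname, technologyNames: args.technologynames })
}

/**
 * Includes all built in technologies in to a context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.includeAllContextTechnologies = function (args) {
  return this.api.request('/context/action/includeAllContextTechnologies/', { contextName: args.contextname })
}

/**
 * Excludes technologies with the given names, separated by a comma, from a context
 * @param {string} contextname - The name of the context
 * @param {string} technologynames
 **/
Context.prototype.excludeContextTechnologies = function (args) {
  return this.api.request('/context/action/excludeContextTechnologies/', { contextName: args.contextname, technologyNames: args.technologynames })
}

/**
 * Excludes all built in technologies from a context
 * @param {string} contextname - The name of the context
 **/
Context.prototype.excludeAllContextTechnologies = function (args) {
  return this.api.request('/context/action/excludeAllContextTechnologies/', { contextName: args.contextname })
}

/**
 * Sets a context to in scope (contexts are in scope by default)
 * @param {string} contextname - The name of the context
 * @param {string} booleaninscope
 **/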
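Context.prototype.setContextInScope = function (args) {
  return this.api.request('/context/action/setContextInScope/', { contextName: args.contextname, booleanInScope: args.booleaninscope })
}

module.exports = Context

--------------------------------------------------------------------------------
/src/selenium.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Selenium (clientApi) {
  // Every method below delegates to clientApi.request(path, params).
  this.api = clientApi
}

/**
 * Requests the optionBrowserExtensions view of the selenium API.
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionBrowserExtensions = function () {
  return this.api.request('/selenium/view/optionBrowserExtensions/')
}

/**
 * Returns the current path to Chrome binary
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionChromeBinaryPath = function () {
  return this.api.request('/selenium/view/optionChromeBinaryPath/')
}

/**
 * Returns the current path to ChromeDriver
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionChromeDriverPath = function () {
  return this.api.request('/selenium/view/optionChromeDriverPath/')
}

/**
 * Returns the current path to Edge binary
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionEdgeBinaryPath = function () {
  return this.api.request('/selenium/view/optionEdgeBinaryPath/')
}

/**
 * Returns the current path to EdgeDriver
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionEdgeDriverPath = function () {
  return this.api.request('/selenium/view/optionEdgeDriverPath/')
}

/**
 * Returns the current path to Firefox binary
 * This component is optional and therefore the API will only work if it is installed
 **/
Selenium.prototype.optionFirefoxBinaryPath = function () {
  return this.api.request('/selenium/view/optionFirefoxBinaryPath/')
}

/**
 * This component is optional and therefore the API will only work if it is installed
 **/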
Selenium.prototype.optionFirefoxDefaultProfile = function () {
  // Queries the optionFirefoxDefaultProfile view of the selenium component.
  const endpoint = '/selenium/view/optionFirefoxDefaultProfile/'
  return this.api.request(endpoint)
}

/**
 * Returns the current path to Firefox driver (geckodriver)
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.optionFirefoxDriverPath = function () {
  const endpoint = '/selenium/view/optionFirefoxDriverPath/'
  return this.api.request(endpoint)
}

/**
 * Queries the optionIeDriverPath view of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.optionIeDriverPath = function () {
  const endpoint = '/selenium/view/optionIeDriverPath/'
  return this.api.request(endpoint)
}

/**
 * Queries the optionLastDirectory view of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.optionLastDirectory = function () {
  const endpoint = '/selenium/view/optionLastDirectory/'
  return this.api.request(endpoint)
}

/**
 * Queries the optionPhantomJsBinaryPath view of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.optionPhantomJsBinaryPath = function () {
  const endpoint = '/selenium/view/optionPhantomJsBinaryPath/'
  return this.api.request(endpoint)
}

/**
 * Gets the browser arguments.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} browser - The browser, chrome, edge, or firefox.
 **/
Selenium.prototype.getBrowserArguments = function (args) {
  // The browser name is read from args.browser and sent as `browser`.
  const { browser } = args
  return this.api.request('/selenium/view/getBrowserArguments/', { browser })
}

/**
 * Sets the current path to Chrome binary
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionChromeBinaryPath = function (args) {
  // NOTE(review): the path is forwarded to ZAP unchanged. Presumably ZAP later
  // starts the executable found there when it launches a browser, so only
  // operator-chosen paths should reach this call (the same applies to the other
  // binary and driver path setters in this file); confirm against the ZAP
  // documentation for this component.
  const { string } = args
  return this.api.request('/selenium/action/setOptionChromeBinaryPath/', { String: string })
}

/**
 * Sets the current path to ChromeDriver
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionChromeDriverPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionChromeDriverPath/', { String: string })
}

/**
 * Sets the current path to Edge binary
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionEdgeBinaryPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionEdgeBinaryPath/', { String: string })
}

/**
 * Sets the current path to EdgeDriver
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionEdgeDriverPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionEdgeDriverPath/', { String: string })
}

/**
 * Sets the current path to Firefox binary
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionFirefoxBinaryPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionFirefoxBinaryPath/', { String: string })
}

/**
 * Calls the setOptionFirefoxDefaultProfile action of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionFirefoxDefaultProfile = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionFirefoxDefaultProfile/', { String: string })
}

/**
 * Sets the current path to Firefox driver (geckodriver)
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionFirefoxDriverPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionFirefoxDriverPath/', { String: string })
}

/**
 * Calls the setOptionIeDriverPath action of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionIeDriverPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionIeDriverPath/', { String: string })
}

/**
 * Calls the setOptionLastDirectory action of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionLastDirectory = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionLastDirectory/', { String: string })
}

/**
 * Calls the setOptionPhantomJsBinaryPath action of the selenium component.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.string - The value to set; sent to ZAP as the `String` parameter.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.setOptionPhantomJsBinaryPath = function (args) {
  const { string } = args
  return this.api.request('/selenium/action/setOptionPhantomJsBinaryPath/', { String: string })
}

/**
 * Adds a browser argument.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} browser - The browser, chrome, edge, or firefox.
 * @param {string} argument - The argument.
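 * @param {string} enabled - The enabled state, true or false.
 **/
Selenium.prototype.addBrowserArgument = function (args) {
  const params = { browser: args.browser, argument: args.argument }
  const { enabled } = args
  // Only undefined, null and '' count as "not supplied". A plain truthiness
  // test also discards boolean false, so a caller asking for a disabled
  // argument would get whatever default state the server applies instead.
  // NOTE(review): this file is marked as automatically generated; the same
  // change is needed in the generator or it is lost on regeneration.
  if (enabled !== undefined && enabled !== null && enabled !== '') {
    params.enabled = enabled
  }
  // NOTE(review): the argument string is forwarded as given; validate it first
  // if it can originate from anywhere other than the operator's configuration.
  return this.api.request('/selenium/action/addBrowserArgument/', params)
}

/**
 * Launches a browser proxying through ZAP, for manual usage.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.browser - The browser, chrome, edge, or firefox.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.launchBrowser = function (args) {
  const { browser } = args
  return this.api.request('/selenium/action/launchBrowser/', { browser })
}

/**
 * Removes a browser argument.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.browser - The browser, chrome, edge, or firefox.
 * @param {string} args.argument - The argument.
 * @returns {*} The value returned by this.api.request.
 **/
Selenium.prototype.removeBrowserArgument = function (args) {
  const { browser, argument } = args
  return this.api.request('/selenium/action/removeBrowserArgument/', { browser, argument })
}

/**
 * Sets whether or not a browser argument is enabled.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} browser - The browser, chrome, edge, or firefox.
 * @param {string} argument - The argument.
 * @param {string} enabled - The enabled state, true or false.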
 **/
Selenium.prototype.setBrowserArgumentEnabled = function (args) {
  // All three values are always sent, whatever their value.
  const { browser, argument, enabled } = args
  return this.api.request('/selenium/action/setBrowserArgumentEnabled/', { browser, argument, enabled })
}

module.exports = Selenium
--------------------------------------------------------------------------------
/src/script.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Script (clientApi) {
  // Every prototype method below sends its request through this client.
  this.api = clientApi
}

/**
 * Lists the script engines available
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.listEngines = function () {
  const endpoint = '/script/view/listEngines/'
  return this.api.request(endpoint)
}

/**
 * Lists the script types available.
 * This component is optional and therefore the API will only work if it is installed
 **/
Script.prototype.listTypes = function () {
  const endpoint = '/script/view/listTypes/'
  return this.api.request(endpoint)
}

/**
 * Lists the scripts available, with its engine, name, description, type and error state.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.listScripts = function () {
  const endpoint = '/script/view/listScripts/'
  return this.api.request(endpoint)
}

/**
 * Gets the value of the global variable with the given key. Returns an API error (DOES_NOT_EXIST) if no value was previously set.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.globalVar = function (args) {
  const { varkey } = args
  return this.api.request('/script/view/globalVar/', { varKey: varkey })
}

/**
 * Gets the value (string representation) of a global custom variable. Returns an API error (DOES_NOT_EXIST) if no value was previously set.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.varkey - The key of the variable.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.globalCustomVar = function (args) {
  const { varkey } = args
  return this.api.request('/script/view/globalCustomVar/', { varKey: varkey })
}

/**
 * Gets all the global variables (key/value pairs).
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.globalVars = function () {
  const endpoint = '/script/view/globalVars/'
  return this.api.request(endpoint)
}

/**
 * Gets all the global custom variables (key/value pairs, the value is the string representation).
 * This component is optional and therefore the API will only work if it is installed
 **/
Script.prototype.globalCustomVars = function () {
  const endpoint = '/script/view/globalCustomVars/'
  return this.api.request(endpoint)
}

/**
 * Gets the value of the variable with the given key for the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists or if no value was previously set.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.scriptVar = function (args) {
  const { scriptname, varkey } = args
  return this.api.request('/script/view/scriptVar/', { scriptName: scriptname, varKey: varkey })
}

/**
 * Gets the value (string representation) of a custom variable. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists or if no value was previously set.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - The name of the script.
 * @param {string} args.varkey - The key of the variable.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.scriptCustomVar = function (args) {
  const { scriptname, varkey } = args
  return this.api.request('/script/view/scriptCustomVar/', { scriptName: scriptname, varKey: varkey })
}

/**
 * Gets all the variables (key/value pairs) of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.scriptVars = function (args) {
  const { scriptname } = args
  return this.api.request('/script/view/scriptVars/', { scriptName: scriptname })
}

/**
 * Gets all the custom variables (key/value pairs, the value is the string representation) of a script.
 * Returns an API error (DOES_NOT_EXIST) if no script with the given name exists.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} scriptname - The name of the script.
 **/
Script.prototype.scriptCustomVars = function (args) {
  const { scriptname } = args
  return this.api.request('/script/view/scriptCustomVars/', { scriptName: scriptname })
}

/**
 * Enables the script with the given name
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.enable = function (args) {
  const { scriptname } = args
  return this.api.request('/script/action/enable/', { scriptName: scriptname })
}

/**
 * Disables the script with the given name
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.disable = function (args) {
  const { scriptname } = args
  return this.api.request('/script/action/disable/', { scriptName: scriptname })
}

/**
 * Loads a script into ZAP from the given local file, with the given name, type and engine, optionally with a description, and a charset name to read the script (the charset name is required if the script is not in UTF-8, for example, in ISO-8859-1).
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} scriptname
 * @param {string} scripttype
 * @param {string} scriptengine
 * @param {string} filename
 * @param {string} scriptdescription
 * @param {string} charset
 **/
Script.prototype.load = function (args) {
  const { scriptname, scripttype, scriptengine, filename, scriptdescription, charset } = args
  const params = { scriptName: scriptname, scriptType: scripttype, scriptEngine: scriptengine, fileName: filename }
  // The two optional values are attached only when they are truthy.
  if (scriptdescription) {
    params.scriptDescription = scriptdescription
  }
  if (charset) {
    params.charset = charset
  }
  // NOTE(review): fileName is forwarded unchanged and presumably names a file
  // on the machine running ZAP rather than on this client. A loaded script is
  // code that ZAP can later run, so keep this call behind the same access
  // controls as the ZAP API key; confirm the path semantics in the ZAP docs.
  return this.api.request('/script/action/load/', params)
}

/**
 * Removes the script with the given name
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.remove = function (args) {
  const { scriptname } = args
  return this.api.request('/script/action/remove/', { scriptName: scriptname })
}

/**
 * Runs the stand alone script with the given name
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.runStandAloneScript = function (args) {
  const { scriptname } = args
  return this.api.request('/script/action/runStandAloneScript/', { scriptName: scriptname })
}

/**
 * Clears the global variable with the given key.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.clearGlobalVar = function (args) {
  const { varkey } = args
  return this.api.request('/script/action/clearGlobalVar/', { varKey: varkey })
}

/**
 * Clears a global custom variable.
 * This component is optional and therefore the API will only work if it is installed
 * @param {string} varkey - The key of the variable.
 **/
Script.prototype.clearGlobalCustomVar = function (args) {
  const { varkey } = args
  return this.api.request('/script/action/clearGlobalCustomVar/', { varKey: varkey })
}

/**
 * Clears the global variables.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.clearGlobalVars = function () {
  const endpoint = '/script/action/clearGlobalVars/'
  return this.api.request(endpoint)
}

/**
 * Clears the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.clearScriptVar = function (args) {
  const { scriptname, varkey } = args
  return this.api.request('/script/action/clearScriptVar/', { scriptName: scriptname, varKey: varkey })
}

/**
 * Clears a script custom variable.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - The name of the script.
 * @param {string} args.varkey - The key of the variable.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.clearScriptCustomVar = function (args) {
  const { scriptname, varkey } = args
  return this.api.request('/script/action/clearScriptCustomVar/', { scriptName: scriptname, varKey: varkey })
}

/**
 * Clears the variables of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists.
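 * This component is optional and therefore the API will only work if it is installed
 * @param {string} scriptname
 **/
Script.prototype.clearScriptVars = function (args) {
  const { scriptname } = args
  return this.api.request('/script/action/clearScriptVars/', { scriptName: scriptname })
}

/**
 * Sets the value of the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.scriptname - Sent to ZAP as `scriptName`.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @param {string} [args.varvalue] - Sent to ZAP as `varValue` when supplied.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.setScriptVar = function (args) {
  const params = { scriptName: args.scriptname, varKey: args.varkey }
  const value = args.varvalue
  // Only undefined, null and '' count as "not supplied". A plain truthiness
  // test also discards 0 and false, so those values were never sent.
  // NOTE(review): this file is marked as automatically generated; the same
  // change is needed in the generator or it is lost on regeneration.
  if (value !== undefined && value !== null && value !== '') {
    params.varValue = value
  }
  return this.api.request('/script/action/setScriptVar/', params)
}

/**
 * Sets the value of the global variable with the given key.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.varkey - Sent to ZAP as `varKey`.
 * @param {string} [args.varvalue] - Sent to ZAP as `varValue` when supplied.
 * @returns {*} The value returned by this.api.request.
 **/
Script.prototype.setGlobalVar = function (args) {
  const params = { varKey: args.varkey }
  const value = args.varvalue
  // Same rule as setScriptVar: 0 and false are real values and are sent.
  if (value !== undefined && value !== null && value !== '') {
    params.varValue = value
  }
  return this.api.request('/script/action/setGlobalVar/', params)
}

module.exports = Script
--------------------------------------------------------------------------------
/src/alert.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.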
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

'use strict'

/**
 * This file was automatically generated.
 */
function Alert (clientApi) {
  // Every prototype method below sends its request through this client.
  this.api = clientApi
}

/**
 * Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method
 * @param {Object} args - Request arguments.
 * @param {string} args.id - Sent to ZAP as `id`.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.alert = function (args) {
  const { id } = args
  return this.api.request('/alert/view/alert/', { id })
}

/**
 * Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts
 * @param {string} baseurl - The highest URL in the Sites tree under which alerts should be included.
 * @param {string} start
 * @param {string} count
 * @param {string} riskid
 * @param {string} contextname - Optionally, the Context name which the Alerts' URLs are associated with.
 * @param {string} falsepositive - Optionally, a boolean indicating whether the results should include False Positive alerts.
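 **/
Alert.prototype.alerts = function (args = {}) {
  // Every filter is optional, so a call without an argument object is valid;
  // the default keeps the property reads below from throwing a TypeError.
  const optional = [
    ['baseurl', args.baseurl],
    ['start', args.start],
    ['count', args.count],
    ['riskId', args.riskid],
    ['contextName', args.contextname],
    ['falsePositive', args.falsepositive]
  ]
  const params = {}
  for (const [key, value] of optional) {
    // Only undefined, null and '' count as "not supplied". A plain truthiness
    // test also discards 0 and false, so riskid 0 ('0 - Informational' in the
    // sibling methods' docs) or falsepositive false silently removed the filter.
    // NOTE(review): this file is marked as automatically generated; the same
    // change is needed in the generator or it is lost on regeneration.
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/view/alerts/', params)
}

/**
 * Gets number of alerts grouped by each risk level, optionally filtering by URL
 * @param {Object} [args] - Request arguments; may be omitted.
 * @param {string} [args.baseurl] - The highest URL in the Sites tree under which alerts should be included.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.alertsSummary = function (args = {}) {
  const params = {}
  const { baseurl } = args
  if (baseurl !== undefined && baseurl !== null && baseurl !== '') {
    params.baseurl = baseurl
  }
  return this.api.request('/alert/view/alertsSummary/', params)
}

/**
 * Gets the number of alerts, optionally filtering by URL or riskId
 * @param {Object} [args] - Request arguments; may be omitted.
 * @param {string} [args.baseurl] - The highest URL in the Sites tree under which alerts should be included.
 * @param {string|number} [args.riskid] - Sent to ZAP as `riskId`; 0 is passed through.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.numberOfAlerts = function (args = {}) {
  const optional = [
    ['baseurl', args.baseurl],
    ['riskId', args.riskid]
  ]
  const params = {}
  for (const [key, value] of optional) {
    // 0 is a real risk id, so it must not be treated as "not supplied".
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/view/numberOfAlerts/', params)
}

/**
 * Gets a summary of the alerts, optionally filtered by a 'url'.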
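 * If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url parameters)
 * @param {string} url
 * @param {string} recurse
 **/
Alert.prototype.alertsByRisk = function (args = {}) {
  // Both filters are optional, so a call without an argument object is valid;
  // the default keeps the property reads below from throwing a TypeError.
  const optional = [
    ['url', args.url],
    ['recurse', args.recurse]
  ]
  const params = {}
  for (const [key, value] of optional) {
    // Only undefined, null and '' count as "not supplied"; a plain truthiness
    // test also discards boolean false, so an explicit recurse: false was
    // never sent.
    // NOTE(review): this file is marked as automatically generated; the same
    // change is needed in the generator or it is lost on regeneration.
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/view/alertsByRisk/', params)
}

/**
 * Gets a count of the alerts, optionally filtered in the same way as alertsByRisk
 * @param {Object} [args] - Request arguments; may be omitted.
 * @param {string} [args.url] - Sent to ZAP as `url`.
 * @param {string|boolean} [args.recurse] - Sent to ZAP as `recurse`; false is passed through.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.alertCountsByRisk = function (args = {}) {
  const optional = [
    ['url', args.url],
    ['recurse', args.recurse]
  ]
  const params = {}
  for (const [key, value] of optional) {
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/view/alertCountsByRisk/', params)
}

/**
 * Deletes all alerts of the current session.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.deleteAllAlerts = function () {
  const endpoint = '/alert/action/deleteAllAlerts/'
  return this.api.request(endpoint)
}

/**
 * Deletes all the alerts optionally filtered by URL which fall within the Context with the provided name, risk, or base URL.
 * @param {string} contextname - The name of the Context for which the alerts should be deleted.
 * @param {string} baseurl - The highest URL in the Sites tree under which alerts should be deleted.
 * @param {string} riskid - The numeric risk representation ('0 - Informational' through '3 - High').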
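 **/
Alert.prototype.deleteAlerts = function (args = {}) {
  // Every filter is optional, so a call without an argument object is valid;
  // the default keeps the property reads below from throwing a TypeError.
  const optional = [
    ['contextName', args.contextname],
    ['baseurl', args.baseurl],
    ['riskId', args.riskid]
  ]
  const params = {}
  for (const [key, value] of optional) {
    // Only undefined, null and '' count as "not supplied". A plain truthiness
    // test also discards the number 0, so deleteAlerts({ riskid: 0 }) lost its
    // risk filter and the delete request went out wider than the caller asked.
    // NOTE(review): this file is marked as automatically generated; the same
    // change is needed in the generator or it is lost on regeneration.
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/action/deleteAlerts/', params)
}

/**
 * Deletes the alert with the given ID.
 * @param {Object} args - Request arguments.
 * @param {string} args.id - Sent to ZAP as `id`.
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.deleteAlert = function (args) {
  const { id } = args
  return this.api.request('/alert/action/deleteAlert/', { id })
}

/**
 * Update the confidence of the alerts.
 * @param {Object} args - Request arguments.
 * @param {string} args.ids - The IDs of the alerts to update (comma separated values).
 * @param {string} args.confidenceid - The numeric confidence representation ('1 - Low' through '3 - High' [user set values '0 - False Positive', and '4 - User Confirmed' are also available]).
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.updateAlertsConfidence = function (args) {
  const { ids, confidenceid } = args
  return this.api.request('/alert/action/updateAlertsConfidence/', { ids, confidenceId: confidenceid })
}

/**
 * Update the risk of the alerts.
 * @param {Object} args - Request arguments.
 * @param {string} args.ids - The IDs of the alerts to update (comma separated values).
 * @param {string} args.riskid - The numeric risk representation ('0 - Informational' through '3 - High').
 * @returns {*} The value returned by this.api.request.
 **/
Alert.prototype.updateAlertsRisk = function (args) {
  const { ids, riskid } = args
  return this.api.request('/alert/action/updateAlertsRisk/', { ids, riskId: riskid })
}

/**
 * Update the alert with the given ID, with the provided details.
 * @param {string} id - The ID of the alert to update.
 * @param {string} name - The name of the alert.
 * @param {string} riskid - The numeric risk representation ('0 - Informational' through '3 - High').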
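 * @param {string} confidenceid - The numeric confidence representation ('1 - Low' through '3 - High' [user set values '0 - False Positive', and '4 - User Confirmed' are also available]).
 * @param {string} description - The description to be set to the alert.
 * @param {string} param - The name of the parameter applicable to the alert.
 * @param {string} attack - The attack (ex: injected string) used by the scan rule.
 * @param {string} otherinfo - Other information about the alert or test.
 * @param {string} solution - The solution for the alert.
 * @param {string} references - The reference details for the alert.
 * @param {string} evidence - The evidence associated with the alert.
 * @param {string} cweid - The CWE identifier associated with the alert.
 * @param {string} wascid - The WASC identifier associated with the alert.
 **/
Alert.prototype.updateAlert = function (args) {
  // These five values are always sent, whatever their value.
  const params = { id: args.id, name: args.name, riskId: args.riskid, confidenceId: args.confidenceid, description: args.description }
  const optional = [
    ['param', args.param],
    ['attack', args.attack],
    ['otherInfo', args.otherinfo],
    ['solution', args.solution],
    ['references', args.references],
    ['evidence', args.evidence],
    ['cweId', args.cweid],
    ['wascId', args.wascid]
  ]
  for (const [key, value] of optional) {
    // Only undefined, null and '' count as "not supplied". A plain truthiness
    // test also discards the number 0, so a numeric cweid or wascid of 0 was
    // never sent.
    // NOTE(review): this file is marked as automatically generated; the same
    // change is needed in the generator or it is lost on regeneration.
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/action/updateAlert/', params)
}

/**
 * Add an alert associated with the given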
message ID, with the provided details. (The ID of the created alert is returned.) 229 | * @param {string} messageid - The ID of the message to which the alert should be associated. 230 | * @param {string} name - The name of the alert. 231 | * @param {string} riskid - The numeric risk representation ('0 - Informational' through '3 - High'). 232 | * @param {string} confidenceid - The numeric confidence representation ('1 - Low' through '3 - High' [user set values '0 - False Positive', and '4 - User Confirmed' are also available]). 233 | * @param {string} description - The description to be set to the alert. 234 | * @param {string} param - The name of the parameter applicable to the alert. 235 | * @param {string} attack - The attack (ex: injected string) used by the scan rule. 236 | * @param {string} otherinfo - Other information about the alert or test. 237 | * @param {string} solution - The solution for the alert. 238 | * @param {string} references - The reference details for the alert. 239 | * @param {string} evidence - The evidence associated with the alert. 240 | * @param {string} cweid - The CWE identifier associated with the alert. 241 | * @param {string} wascid - The WASC identifier associated with the alert. 
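 **/
Alert.prototype.addAlert = function (args) {
  // These five values are always sent, whatever their value.
  const params = { messageId: args.messageid, name: args.name, riskId: args.riskid, confidenceId: args.confidenceid, description: args.description }
  const optional = [
    ['param', args.param],
    ['attack', args.attack],
    ['otherInfo', args.otherinfo],
    ['solution', args.solution],
    ['references', args.references],
    ['evidence', args.evidence],
    ['cweId', args.cweid],
    ['wascId', args.wascid]
  ]
  for (const [key, value] of optional) {
    // Only undefined, null and '' count as "not supplied". A plain truthiness
    // test also discards the number 0, so a numeric cweid or wascid of 0 was
    // never sent.
    // NOTE(review): this file is marked as automatically generated; the same
    // change is needed in the generator or it is lost on regeneration.
    if (value !== undefined && value !== null && value !== '') {
      params[key] = value
    }
  }
  return this.api.request('/alert/action/addAlert/', params)
}

module.exports = Alert
--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | Apache License 2 | Version 2.0, January 2004 3 | http://www.apache.org/licenses/ 4 | 5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION 6 | 7 | 1. Definitions. 8 | 9 | "License" shall mean the terms and conditions for use, reproduction, 10 | and distribution as defined by Sections 1 through 9 of this document. 11 | 12 | "Licensor" shall mean the copyright owner or entity authorized by 13 | the copyright owner that is granting the License. 14 | 15 | "Legal Entity" shall mean the union of the acting entity and all 16 | other entities that control, are controlled by, or are under common 17 | control with that entity.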
For the purposes of this definition, 18 | "control" means (i) the power, direct or indirect, to cause the 19 | direction or management of such entity, whether by contract or 20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the 21 | outstanding shares, or (iii) beneficial ownership of such entity. 22 | 23 | "You" (or "Your") shall mean an individual or Legal Entity 24 | exercising permissions granted by this License. 25 | 26 | "Source" form shall mean the preferred form for making modifications, 27 | including but not limited to software source code, documentation 28 | source, and configuration files. 29 | 30 | "Object" form shall mean any form resulting from mechanical 31 | transformation or translation of a Source form, including but 32 | not limited to compiled object code, generated documentation, 33 | and conversions to other media types. 34 | 35 | "Work" shall mean the work of authorship, whether in Source or 36 | Object form, made available under the License, as indicated by a 37 | copyright notice that is included in or attached to the work 38 | (an example is provided in the Appendix below). 39 | 40 | "Derivative Works" shall mean any work, whether in Source or Object 41 | form, that is based on (or derived from) the Work and for which the 42 | editorial revisions, annotations, elaborations, or other modifications 43 | represent, as a whole, an original work of authorship. For the purposes 44 | of this License, Derivative Works shall not include works that remain 45 | separable from, or merely link (or bind by name) to the interfaces of, 46 | the Work and Derivative Works thereof. 
47 | 48 | "Contribution" shall mean any work of authorship, including 49 | the original version of the Work and any modifications or additions 50 | to that Work or Derivative Works thereof, that is intentionally 51 | submitted to Licensor for inclusion in the Work by the copyright owner 52 | or by an individual or Legal Entity authorized to submit on behalf of 53 | the copyright owner. For the purposes of this definition, "submitted" 54 | means any form of electronic, verbal, or written communication sent 55 | to the Licensor or its representatives, including but not limited to 56 | communication on electronic mailing lists, source code control systems, 57 | and issue tracking systems that are managed by, or on behalf of, the 58 | Licensor for the purpose of discussing and improving the Work, but 59 | excluding communication that is conspicuously marked or otherwise 60 | designated in writing by the copyright owner as "Not a Contribution." 61 | 62 | "Contributor" shall mean Licensor and any individual or Legal Entity 63 | on behalf of whom a Contribution has been received by Licensor and 64 | subsequently incorporated within the Work. 65 | 66 | 2. Grant of Copyright License. Subject to the terms and conditions of 67 | this License, each Contributor hereby grants to You a perpetual, 68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 69 | copyright license to reproduce, prepare Derivative Works of, 70 | publicly display, publicly perform, sublicense, and distribute the 71 | Work and such Derivative Works in Source or Object form. 72 | 73 | 3. Grant of Patent License. 
Subject to the terms and conditions of 74 | this License, each Contributor hereby grants to You a perpetual, 75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable 76 | (except as stated in this section) patent license to make, have made, 77 | use, offer to sell, sell, import, and otherwise transfer the Work, 78 | where such license applies only to those patent claims licensable 79 | by such Contributor that are necessarily infringed by their 80 | Contribution(s) alone or by combination of their Contribution(s) 81 | with the Work to which such Contribution(s) was submitted. If You 82 | institute patent litigation against any entity (including a 83 | cross-claim or counterclaim in a lawsuit) alleging that the Work 84 | or a Contribution incorporated within the Work constitutes direct 85 | or contributory patent infringement, then any patent licenses 86 | granted to You under this License for that Work shall terminate 87 | as of the date such litigation is filed. 88 | 89 | 4. Redistribution. 
You may reproduce and distribute copies of the 90 | Work or Derivative Works thereof in any medium, with or without 91 | modifications, and in Source or Object form, provided that You 92 | meet the following conditions: 93 | 94 | (a) You must give any other recipients of the Work or 95 | Derivative Works a copy of this License; and 96 | 97 | (b) You must cause any modified files to carry prominent notices 98 | stating that You changed the files; and 99 | 100 | (c) You must retain, in the Source form of any Derivative Works 101 | that You distribute, all copyright, patent, trademark, and 102 | attribution notices from the Source form of the Work, 103 | excluding those notices that do not pertain to any part of 104 | the Derivative Works; and 105 | 106 | (d) If the Work includes a "NOTICE" text file as part of its 107 | distribution, then any Derivative Works that You distribute must 108 | include a readable copy of the attribution notices contained 109 | within such NOTICE file, excluding those notices that do not 110 | pertain to any part of the Derivative Works, in at least one 111 | of the following places: within a NOTICE text file distributed 112 | as part of the Derivative Works; within the Source form or 113 | documentation, if provided along with the Derivative Works; or, 114 | within a display generated by the Derivative Works, if and 115 | wherever such third-party notices normally appear. The contents 116 | of the NOTICE file are for informational purposes only and 117 | do not modify the License. You may add Your own attribution 118 | notices within Derivative Works that You distribute, alongside 119 | or as an addendum to the NOTICE text from the Work, provided 120 | that such additional attribution notices cannot be construed 121 | as modifying the License. 
122 | 123 | You may add Your own copyright statement to Your modifications and 124 | may provide additional or different license terms and conditions 125 | for use, reproduction, or distribution of Your modifications, or 126 | for any such Derivative Works as a whole, provided Your use, 127 | reproduction, and distribution of the Work otherwise complies with 128 | the conditions stated in this License. 129 | 130 | 5. Submission of Contributions. Unless You explicitly state otherwise, 131 | any Contribution intentionally submitted for inclusion in the Work 132 | by You to the Licensor shall be under the terms and conditions of 133 | this License, without any additional terms or conditions. 134 | Notwithstanding the above, nothing herein shall supersede or modify 135 | the terms of any separate license agreement you may have executed 136 | with Licensor regarding such Contributions. 137 | 138 | 6. Trademarks. This License does not grant permission to use the trade 139 | names, trademarks, service marks, or product names of the Licensor, 140 | except as required for reasonable and customary use in describing the 141 | origin of the Work and reproducing the content of the NOTICE file. 142 | 143 | 7. Disclaimer of Warranty. Unless required by applicable law or 144 | agreed to in writing, Licensor provides the Work (and each 145 | Contributor provides its Contributions) on an "AS IS" BASIS, 146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 147 | implied, including, without limitation, any warranties or conditions 148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A 149 | PARTICULAR PURPOSE. You are solely responsible for determining the 150 | appropriateness of using or redistributing the Work and assume any 151 | risks associated with Your exercise of permissions under this License. 152 | 153 | 8. Limitation of Liability. 
In no event and under no legal theory, 154 | whether in tort (including negligence), contract, or otherwise, 155 | unless required by applicable law (such as deliberate and grossly 156 | negligent acts) or agreed to in writing, shall any Contributor be 157 | liable to You for damages, including any direct, indirect, special, 158 | incidental, or consequential damages of any character arising as a 159 | result of this License or out of the use or inability to use the 160 | Work (including but not limited to damages for loss of goodwill, 161 | work stoppage, computer failure or malfunction, or any and all 162 | other commercial damages or losses), even if such Contributor 163 | has been advised of the possibility of such damages. 164 | 165 | 9. Accepting Warranty or Additional Liability. While redistributing 166 | the Work or Derivative Works thereof, You may choose to offer, 167 | and charge a fee for, acceptance of support, warranty, indemnity, 168 | or other liability obligations and/or rights consistent with this 169 | License. However, in accepting such obligations, You may act only 170 | on Your own behalf and on Your sole responsibility, not on behalf 171 | of any other Contributor, and only if You agree to indemnify, 172 | defend, and hold each Contributor harmless for any liability 173 | incurred by, or claims asserted against, such Contributor by reason 174 | of your accepting any such warranty or additional liability. 175 | 176 | END OF TERMS AND CONDITIONS 177 | 178 | APPENDIX: How to apply the Apache License to your work. 179 | 180 | To apply the Apache License to your work, attach the following 181 | boilerplate notice, with the fields enclosed by brackets "{}" 182 | replaced with your own identifying information. (Don't include 183 | the brackets!) The text should be enclosed in the appropriate 184 | comment syntax for the file format. 
We also recommend that a 185 | file or class name and description of purpose be included on the 186 | same "printed page" as the copyright notice for easier 187 | identification within third-party archives. 188 | 189 | Copyright {yyyy} {name of copyright owner} 190 | 191 | Licensed under the Apache License, Version 2.0 (the "License"); 192 | you may not use this file except in compliance with the License. 193 | You may obtain a copy of the License at 194 | 195 | http://www.apache.org/licenses/LICENSE-2.0 196 | 197 | Unless required by applicable law or agreed to in writing, software 198 | distributed under the License is distributed on an "AS IS" BASIS, 199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 200 | See the License for the specific language governing permissions and 201 | limitations under the License. 202 | -------------------------------------------------------------------------------- /src/alertFilter.js: -------------------------------------------------------------------------------- 1 | /* Zed Attack Proxy (ZAP) and its related class files. 2 | * 3 | * ZAP is an HTTP/HTTPS proxy for assessing web application security. 4 | * 5 | * Copyright 2023 the ZAP development team 6 | * 7 | * Licensed under the Apache License, Version 2.0 (the "License"); 8 | * you may not use this file except in compliance with the License. 9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 
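*/
function AlertFilter (clientApi) {
  this.api = clientApi
}

// [caller key, ZAP API key] pairs shared by the four add/remove filter calls,
// listed in the order the fields are added to the request.
const OPTIONAL_FILTER_FIELDS = [
  ['url', 'url'],
  ['urlisregex', 'urlIsRegex'],
  ['parameter', 'parameter'],
  ['enabled', 'enabled'],
  ['parameterisregex', 'parameterIsRegex'],
  ['attack', 'attack'],
  ['attackisregex', 'attackIsRegex'],
  ['evidence', 'evidence'],
  ['evidenceisregex', 'evidenceIsRegex'],
  ['methods', 'methods']
]

/**
 * Copies the optional alert-filter fields the caller supplied from args into params.
 *
 * A field is skipped only when it is undefined, null, '' or NaN. Testing for presence
 * rather than truthiness matters for the boolean-like fields: `enabled: false` or
 * `urlisregex: false` passed as real booleans would otherwise be dropped, and the
 * request would go out as if the caller had never set them.
 * NOTE(review): what ZAP does when `enabled` is absent is not visible in this file -
 * presumably the filter is created enabled; confirm against the add-on.
 * NOTE(review): confirm that the client passed to the constructor serialises booleans
 * and numbers the way ZAP expects.
 * @param {Object} params - Request parameters already holding the required fields; mutated in place.
 * @param {Object} args - The caller's arguments.
 * @returns {Object} The same params object, for chaining.
 */
function withOptionalFilterFields (params, args) {
  for (const [argKey, apiKey] of OPTIONAL_FILTER_FIELDS) {
    const value = args[argKey]
    const isMissing = value === undefined || value === null || value === '' || Number.isNaN(value)
    if (!isMissing) {
      params[apiKey] = value
    }
  }
  return params
}

/**
 * Lists the alert filters of the context with the given ID.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.contextid - The numeric ID of the context for which the filters should be listed.
 * @returns {*} Whatever `this.api.request` returns; its type is defined by the client passed to the constructor.
 **/
AlertFilter.prototype.alertFilterList = function (args) {
  return this.api.request('/alertFilter/view/alertFilterList/', { contextId: args.contextid })
}

/**
 * Lists the global alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.globalAlertFilterList = function () {
  return this.api.request('/alertFilter/view/globalAlertFilterList/')
}

/**
 * Adds a new alert filter for the context with the given ID.
 * This component is optional and therefore the API will only work if it is installed
 *
 * A filter changes the risk level reported for matching alerts ('-1' marks them as
 * False Positive), so a broad url/parameter regex changes how many findings are
 * reported. Keep filters narrow and review them with alertFilterList.
 * @param {Object} args - Request arguments.
 * @param {string} args.contextid - The numeric ID of the context for which the filter should be added.
 * @param {string} args.ruleid - The numeric ID of the rule for which the filter should apply.
 * @param {string} args.newlevel - The numeric risk representation ('0 - Informational' through '3 - High') ['-1 - False Positive'].
 * @param {string} [args.url] - The URL for which the filter should apply (can be regex).
 * @param {string|boolean} [args.urlisregex] - A boolean indicating whether or not the URL is a regex.
 * @param {string} [args.parameter] - The parameter name for which the filter should apply (can be regex).
 * @param {string|boolean} [args.enabled] - A boolean indicating whether or not the filter should be enabled.
 * @param {string|boolean} [args.parameterisregex] - A boolean indicating whether or not the parameter name is a regex.
 * @param {string} [args.attack] - The attack value for which the filter should apply (can be regex).
 * @param {string|boolean} [args.attackisregex] - A boolean indicating whether or not the attack value is a regex.
 * @param {string} [args.evidence] - The evidence value for which the filter should apply (can be regex).
 * @param {string|boolean} [args.evidenceisregex] - A boolean indicating whether or not the evidence value is a regex.
 * @param {string} [args.methods] - The HTTP methods (comma separated) for which the filter should apply.
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.addAlertFilter = function (args) {
  const required = { contextId: args.contextid, ruleId: args.ruleid, newLevel: args.newlevel }
  return this.api.request('/alertFilter/action/addAlertFilter/', withOptionalFilterFields(required, args))
}

/**
 * Removes an alert filter from the context with the given ID.
 * This component is optional and therefore the API will only work if it is installed
 *
 * NOTE(review): the filter to remove is described by its fields, so a field that is
 * left out of the request (for example a dropped `enabled: false`) presumably stops
 * the filter from being matched - confirm against the add-on.
 * @param {Object} args - Request arguments.
 * @param {string} args.contextid - The numeric ID of the context for which the filter should be removed.
 * @param {string} args.ruleid - The numeric ID of the rule for which the filter applies.
 * @param {string} args.newlevel - The numeric risk representation ('0 - Informational' through '3 - High') ['-1 - False Positive'].
 * @param {string} [args.url] - The URL for which the filter applies (can be regex).
 * @param {string|boolean} [args.urlisregex] - A boolean indicating whether or not the URL is a regex.
 * @param {string} [args.parameter] - The parameter name for which the filter applies (can be regex).
 * @param {string|boolean} [args.enabled] - A boolean indicating whether or not the filter should be enabled.
 * @param {string|boolean} [args.parameterisregex] - A boolean indicating whether or not the parameter name is a regex.
 * @param {string} [args.attack] - The attack value for which the filter applies (can be regex).
 * @param {string|boolean} [args.attackisregex] - A boolean indicating whether or not the attack value is a regex.
 * @param {string} [args.evidence] - The evidence value for which the filter applies (can be regex).
 * @param {string|boolean} [args.evidenceisregex] - A boolean indicating whether or not the evidence value is a regex.
 * @param {string} [args.methods] - The HTTP methods (comma separated) for which the filter applies.
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.removeAlertFilter = function (args) {
  const required = { contextId: args.contextid, ruleId: args.ruleid, newLevel: args.newlevel }
  return this.api.request('/alertFilter/action/removeAlertFilter/', withOptionalFilterFields(required, args))
}

/**
 * Adds a new global alert filter.
 * This component is optional and therefore the API will only work if it is installed
 *
 * A global filter is not tied to a context ID, so review the result with
 * globalAlertFilterList, especially when newlevel is '-1' (False Positive).
 * @param {Object} args - Request arguments.
 * @param {string} args.ruleid - The numeric ID of the rule for which the filter should apply.
 * @param {string} args.newlevel - The numeric risk representation ('0 - Informational' through '3 - High') ['-1 - False Positive'].
 * @param {string} [args.url] - The URL for which the filter should apply (can be regex).
 * @param {string|boolean} [args.urlisregex] - A boolean indicating whether or not the URL is a regex.
 * @param {string} [args.parameter] - The parameter name for which the filter should apply (can be regex).
 * @param {string|boolean} [args.enabled] - A boolean indicating whether or not the filter should be enabled.
 * @param {string|boolean} [args.parameterisregex] - A boolean indicating whether or not the parameter name is a regex.
 * @param {string} [args.attack] - The attack value for which the filter should apply (can be regex).
 * @param {string|boolean} [args.attackisregex] - A boolean indicating whether or not the attack value is a regex.
 * @param {string} [args.evidence] - The evidence value for which the filter should apply (can be regex).
 * @param {string|boolean} [args.evidenceisregex] - A boolean indicating whether or not the evidence value is a regex.
 * @param {string} [args.methods] - The HTTP methods (comma separated) for which the filter should apply.
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.addGlobalAlertFilter = function (args) {
  const required = { ruleId: args.ruleid, newLevel: args.newlevel }
  return this.api.request('/alertFilter/action/addGlobalAlertFilter/', withOptionalFilterFields(required, args))
}

/**
 * Removes a global alert filter.
 * This component is optional and therefore the API will only work if it is installed
 * @param {Object} args - Request arguments.
 * @param {string} args.ruleid - The numeric ID of the rule for which the filter applies.
 * @param {string} args.newlevel - The numeric risk representation ('0 - Informational' through '3 - High') ['-1 - False Positive'].
 * @param {string} [args.url] - The URL for which the filter applies (can be regex).
 * @param {string|boolean} [args.urlisregex] - A boolean indicating whether or not the URL is a regex.
 * @param {string} [args.parameter] - The parameter name for which the filter applies (can be regex).
 * @param {string|boolean} [args.enabled] - A boolean indicating whether or not the filter should be enabled.
 * @param {string|boolean} [args.parameterisregex] - A boolean indicating whether or not the parameter name is a regex.
 * @param {string} [args.attack] - The attack value for which the filter applies (can be regex).
 * @param {string|boolean} [args.attackisregex] - A boolean indicating whether or not the attack value is a regex.
 * @param {string} [args.evidence] - The evidence value for which the filter applies (can be regex).
 * @param {string|boolean} [args.evidenceisregex] - A boolean indicating whether or not the evidence value is a regex.
 * @param {string} [args.methods] - The HTTP methods (comma separated) for which the filter applies.
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.removeGlobalAlertFilter = function (args) {
  const required = { ruleId: args.ruleid, newLevel: args.newlevel }
  return this.api.request('/alertFilter/action/removeGlobalAlertFilter/', withOptionalFilterFields(required, args))
}

/**
 * Applies all currently enabled Global and Context alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.applyAll = function () {
  return this.api.request('/alertFilter/action/applyAll/')
}

/**
 * Applies all currently enabled Context alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.applyContext = function () {
  return this.api.request('/alertFilter/action/applyContext/')
}

/**
 * Applies all currently enabled Global alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.applyGlobal = function () {
  return this.api.request('/alertFilter/action/applyGlobal/')
}

/**
 * Tests all currently enabled Global and Context alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.testAll = function () {
  return this.api.request('/alertFilter/action/testAll/')
}

/**
 * Tests all currently enabled Context alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.testContext = function () {
  return this.api.request('/alertFilter/action/testContext/')
}

/**
 * Tests all currently enabled Global alert filters.
 * This component is optional and therefore the API will only work if it is installed
 * @returns {*} Whatever `this.api.request` returns.
 **/
AlertFilter.prototype.testGlobal = function () {
  return this.api.request('/alertFilter/action/testGlobal/')
}

module.exports = AlertFilter

--------------------------------------------------------------------------------
/src/search.js:
--------------------------------------------------------------------------------
/* Zed Attack Proxy (ZAP) and its related class files.
 *
 * ZAP is an HTTP/HTTPS proxy for assessing web application security.
 *
 * Copyright 2023 the ZAP development team
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.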
9 | * You may obtain a copy of the License at 10 | * 11 | * http://www.apache.org/licenses/LICENSE-2.0 12 | * 13 | * Unless required by applicable law or agreed to in writing, software 14 | * distributed under the License is distributed on an "AS IS" BASIS, 15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 16 | * See the License for the specific language governing permissions and 17 | * limitations under the License. 18 | */ 19 | 20 | 'use strict' 21 | 22 | /** 23 | * This file was automatically generated. 24 | */ 25 | function Search (clientApi) { 26 | this.api = clientApi 27 | } 28 | 29 | /** 30 | * Returns the URLs of the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages. 31 | * @param {string} regex 32 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 33 | * @param {string} start 34 | * @param {string} count 35 | **/ 36 | Search.prototype.urlsByUrlRegex = function (args) { 37 | const params = { regex: args.regex } 38 | if (args.baseurl && args.baseurl !== null) { 39 | params.baseurl = args.baseurl 40 | } 41 | if (args.start && args.start !== null) { 42 | params.start = args.start 43 | } 44 | if (args.count && args.count !== null) { 45 | params.count = args.count 46 | } 47 | return this.api.request('/search/view/urlsByUrlRegex/', params) 48 | } 49 | 50 | /** 51 | * Returns the URLs of the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages. 52 | * @param {string} regex 53 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 
54 | * @param {string} start 55 | * @param {string} count 56 | **/ 57 | Search.prototype.urlsByTagRegex = function (args) { 58 | const params = { regex: args.regex } 59 | if (args.baseurl && args.baseurl !== null) { 60 | params.baseurl = args.baseurl 61 | } 62 | if (args.start && args.start !== null) { 63 | params.start = args.start 64 | } 65 | if (args.count && args.count !== null) { 66 | params.count = args.count 67 | } 68 | return this.api.request('/search/view/urlsByTagRegex/', params) 69 | } 70 | 71 | /** 72 | * Returns the URLs of the HTTP messages that match the given regular expression in their note optionally filtered by URL and paginated with 'start' position and 'count' of messages. 73 | * @param {string} regex 74 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 75 | * @param {string} start 76 | * @param {string} count 77 | **/ 78 | Search.prototype.urlsByNoteRegex = function (args) { 79 | const params = { regex: args.regex } 80 | if (args.baseurl && args.baseurl !== null) { 81 | params.baseurl = args.baseurl 82 | } 83 | if (args.start && args.start !== null) { 84 | params.start = args.start 85 | } 86 | if (args.count && args.count !== null) { 87 | params.count = args.count 88 | } 89 | return this.api.request('/search/view/urlsByNoteRegex/', params) 90 | } 91 | 92 | /** 93 | * Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. 94 | * @param {string} regex 95 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 
96 | * @param {string} start 97 | * @param {string} count 98 | **/ 99 | Search.prototype.urlsByRequestRegex = function (args) { 100 | const params = { regex: args.regex } 101 | if (args.baseurl && args.baseurl !== null) { 102 | params.baseurl = args.baseurl 103 | } 104 | if (args.start && args.start !== null) { 105 | params.start = args.start 106 | } 107 | if (args.count && args.count !== null) { 108 | params.count = args.count 109 | } 110 | return this.api.request('/search/view/urlsByRequestRegex/', params) 111 | } 112 | 113 | /** 114 | * Returns the URLs of the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages. 115 | * @param {string} regex 116 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 117 | * @param {string} start 118 | * @param {string} count 119 | **/ 120 | Search.prototype.urlsByResponseRegex = function (args) { 121 | const params = { regex: args.regex } 122 | if (args.baseurl && args.baseurl !== null) { 123 | params.baseurl = args.baseurl 124 | } 125 | if (args.start && args.start !== null) { 126 | params.start = args.start 127 | } 128 | if (args.count && args.count !== null) { 129 | params.count = args.count 130 | } 131 | return this.api.request('/search/view/urlsByResponseRegex/', params) 132 | } 133 | 134 | /** 135 | * Returns the URLs of the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages. 136 | * @param {string} regex 137 | * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included. 
138 | * @param {string} start 139 | * @param {string} count 140 | **/ 141 | Search.prototype.urlsByHeaderRegex = function (args) { 142 | const params = { regex: args.regex } 143 | if (args.baseurl && args.baseurl !== null) { 144 | params.baseurl = args.baseurl 145 | } 146 | if (args.start && args.start !== null) { 147 | params.start = args.start 148 | } 149 | if (args.count && args.count !== null) { 150 | params.count = args.count 151 | } 152 | return this.api.request('/search/view/urlsByHeaderRegex/', params) 153 | } 154 | 155 | /** 156 | * Returns the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages. 157 | * @param {string} regex 158 | * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included. 159 | * @param {string} start 160 | * @param {string} count 161 | **/ 162 | Search.prototype.messagesByUrlRegex = function (args) { 163 | const params = { regex: args.regex } 164 | if (args.baseurl && args.baseurl !== null) { 165 | params.baseurl = args.baseurl 166 | } 167 | if (args.start && args.start !== null) { 168 | params.start = args.start 169 | } 170 | if (args.count && args.count !== null) { 171 | params.count = args.count 172 | } 173 | return this.api.request('/search/view/messagesByUrlRegex/', params) 174 | } 175 | 176 | /** 177 | * Returns the HTTP messages that match the given regular expression in their history Tags optionally filtered by URL and paginated with 'start' position and 'count' of messages. 178 | * @param {string} regex 179 | * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included. 
180 | * @param {string} start 181 | * @param {string} count 182 | **/ 183 | Search.prototype.messagesByTagRegex = function (args) { 184 | const params = { regex: args.regex } 185 | if (args.baseurl && args.baseurl !== null) { 186 | params.baseurl = args.baseurl 187 | } 188 | if (args.start && args.start !== null) { 189 | params.start = args.start 190 | } 191 | if (args.count && args.count !== null) { 192 | params.count = args.count 193 | } 194 | return this.api.request('/search/view/messagesByTagRegex/', params) 195 | } 196 | 197 | /** 198 | * Returns the HTTP messages that match the given regular expression in their note optionally filtered by URL and paginated with 'start' position and 'count' of messages. 199 | * @param {string} regex 200 | * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included. 201 | * @param {string} start 202 | * @param {string} count 203 | **/ 204 | Search.prototype.messagesByNoteRegex = function (args) { 205 | const params = { regex: args.regex } 206 | if (args.baseurl && args.baseurl !== null) { 207 | params.baseurl = args.baseurl 208 | } 209 | if (args.start && args.start !== null) { 210 | params.start = args.start 211 | } 212 | if (args.count && args.count !== null) { 213 | params.count = args.count 214 | } 215 | return this.api.request('/search/view/messagesByNoteRegex/', params) 216 | } 217 | 218 | /** 219 | * Returns the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. 220 | * @param {string} regex 221 | * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included. 
* @param {string} start - Optional pagination start position; left out of the request when falsy.
* @param {string} count - Optional pagination count; left out of the request when falsy.
**/
Search.prototype.messagesByRequestRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): matched messages are recorded traffic and may hold cookies or credentials; handle the result as sensitive.
  return this.api.request('/search/view/messagesByRequestRegex/', params)
}

/**
 * Returns the HTTP messages that match the given regular expression in the response, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * All parameters are read as properties of the single `args` object.
 * @param {string} regex - Regular expression to match; sent to ZAP unchanged.
 * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included.
 * @param {string} start - Optional pagination start position; left out of the request when falsy.
 * @param {string} count - Optional pagination count; left out of the request when falsy.
 * @returns {*} The value returned by `this.api.request`.
 **/
Search.prototype.messagesByResponseRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): matched messages are recorded traffic and may hold cookies or credentials; handle the result as sensitive.
  return this.api.request('/search/view/messagesByResponseRegex/', params)
}

/**
 * Returns the HTTP messages that match the given regular expression in the header(s), optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * @param {string} regex
 * @param {string} baseurl - The highest URL in the Sites tree under which messages should be included.
* @param {string} start - Optional pagination start position; left out of the request when falsy.
* @param {string} count - Optional pagination count; left out of the request when falsy.
**/
Search.prototype.messagesByHeaderRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): matched messages are recorded traffic and may hold cookies or credentials; handle the result as sensitive.
  return this.api.request('/search/view/messagesByHeaderRegex/', params)
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in the URL, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * All parameters are read as properties of the single `args` object.
 * @param {string} regex - Regular expression to match; sent to ZAP unchanged.
 * @param {string} baseurl - Optional; left out of the request when falsy.
 * @param {string} start - Optional pagination start position; left out of the request when falsy.
 * @param {string} count - Optional pagination count; left out of the request when falsy.
 * @returns {*} The value returned by `this.api.request`.
 **/
Search.prototype.harByUrlRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByUrlRegex/', params, 'other')
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in their history Tags, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * @param {string} regex
 * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included.
* @param {string} start - Optional pagination start position; left out of the request when falsy.
* @param {string} count - Optional pagination count; left out of the request when falsy.
**/
Search.prototype.harByTagRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByTagRegex/', params, 'other')
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in their note, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * All parameters are read as properties of the single `args` object.
 * @param {string} regex - Regular expression to match; sent to ZAP unchanged.
 * @param {string} baseurl - The highest URL in the Sites tree under which URLs should be included.
 * @param {string} start - Optional pagination start position; left out of the request when falsy.
 * @param {string} count - Optional pagination count; left out of the request when falsy.
 * @returns {*} The value returned by `this.api.request`.
 **/
Search.prototype.harByNoteRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByNoteRegex/', params, 'other')
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in the request, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
* @param {string} regex - Regular expression to match; sent to ZAP unchanged.
* @param {string} baseurl - Optional; left out of the request when falsy.
* @param {string} start - Optional pagination start position; left out of the request when falsy.
* @param {string} count - Optional pagination count; left out of the request when falsy.
**/
Search.prototype.harByRequestRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByRequestRegex/', params, 'other')
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in the response, optionally filtered by URL and paginated with 'start' position and 'count' of messages.
 * All parameters are read as properties of the single `args` object.
 * @param {string} regex - Regular expression to match; sent to ZAP unchanged.
 * @param {string} baseurl - Optional; left out of the request when falsy.
 * @param {string} start - Optional pagination start position; left out of the request when falsy.
 * @param {string} count - Optional pagination count; left out of the request when falsy.
 * @returns {*} The value returned by `this.api.request`.
 **/
Search.prototype.harByResponseRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByResponseRegex/', params, 'other')
}

/**
 * Returns the HTTP messages, in HAR format, that match the given regular expression in the header(s), optionally filtered by URL and paginated with 'start' position and 'count' of messages.
* @param {string} regex - Regular expression to match; sent to ZAP unchanged.
* @param {string} baseurl - Optional; left out of the request when falsy.
* @param {string} start - Optional pagination start position; left out of the request when falsy.
* @param {string} count - Optional pagination count; left out of the request when falsy.
**/
Search.prototype.harByHeaderRegex = function (args) {
  // The pattern is forwarded as-is; this client performs no validation on it.
  const params = { regex: args.regex }
  // Copy each optional filter only when truthy, so null, undefined, '' and 0 are never sent.
  for (const key of ['baseurl', 'start', 'count']) {
    if (args[key]) {
      params[key] = args[key]
    }
  }
  // NOTE(review): HAR entries usually carry full headers and bodies (cookies, tokens); treat the result as sensitive.
  // The third argument 'other' is passed through to api.request; its handling is defined in the client, not here.
  return this.api.request('/search/other/harByHeaderRegex/', params, 'other')
}

module.exports = Search

--------------------------------------------------------------------------------