From 2fb5acfea3c70ad176839854f37d7138497abc38 Mon Sep 17 00:00:00 2001 From: thc202 Date: Fri, 29 Sep 2023 17:09:19 +0100 Subject: [PATCH] Update OpenAPI definition Update with latest core and (zap-extensions) add-ons. Signed-off-by: thc202 --- openapi.yaml | 17829 +++++++++++++++++++++++++++---------------------- 1 file changed, 9849 insertions(+), 7980 deletions(-) diff --git a/openapi.yaml b/openapi.yaml index fd7af38..1cb6dc1 100644 --- a/openapi.yaml +++ b/openapi.yaml @@ -1,9445 +1,11314 @@ -openapi: "3.0.2" +--- +openapi: "3.0.3" info: - title: ZAP API - description: The HTTP API for controlling and accessing ZAP. + title: "ZAP API" + description: "The HTTP API for controlling and accessing ZAP." contact: - name: ZAP User Group - url: https://groups.google.com/group/zaproxy-users - email: zaproxy-users@googlegroups.com + name: "ZAP User Group" + url: "https://groups.google.com/group/zaproxy-users" + email: "zaproxy-users@googlegroups.com" license: - name: Apache 2.0 - url: https://www.apache.org/licenses/LICENSE-2.0.html - version: Dev Build + name: "Apache 2.0" + url: "https://www.apache.org/licenses/LICENSE-2.0.html" + version: "Dev Build" servers: - - url: http://zap - description: The URL while proxying through ZAP. - - url: http://{address}:{port} - description: The URL of a Local Proxy of ZAP. - variables: - address: - default: 127.0.0.1 - description: The address ZAP is listening on. - port: - default: '8080' - description: The port ZAP is bound to. +- url: "http://zap" + description: "The URL while proxying through ZAP." +- url: "http://{address}:{port}" + description: "The URL of a Local Proxy of ZAP." + variables: + address: + description: "The address ZAP is listening on." + default: "127.0.0.1" + port: + description: "The port ZAP is bound to." + default: "8080" components: securitySchemes: apiKeyHeader: - type: apiKey - name: X-ZAP-API-Key - in: header + type: "apiKey" + name: "X-ZAP-API-Key" + in: "header" apiKeyQuery: - type: apiKey - name: apikey - in: query + type: "apiKey" + name: "apikey" + in: "query" + responses: + ErrorOther: + description: "Error of OTHER endpoints." + content: + '*/*': {} + ErrorJson: + description: "Error of JSON endpoints." + content: + application/json: + schema: + $ref: "#/components/schemas/ErrorJson" schemas: - Error: - type: object + ErrorJson: + type: "object" required: - - message - - code + - "code" + - "message" properties: - message: - type: string code: - type: integer - minimum: 100 - maximum: 600 + type: "string" + message: + type: "string" + detail: + type: "string" security: - - apiKeyHeader: [] - - apiKeyQuery: [] +- {} +- apiKeyHeader: [] +- apiKeyQuery: [] paths: - /JSON/alert/view/alert/: + /JSON/accessControl/action/scan/: + get: + description: "Starts an Access Control scan with the given context ID and user\ + \ ID. (Optional parameters: user ID for Unauthenticated user, boolean identifying\ + \ whether or not Alerts are raised, and the Risk level for the Alerts.) [This\ + \ assumes the Access Control rules were previously established via ZAP gui\ + \ and the necessary Context exported/imported.]" + operationId: "accessControlActionScan" + tags: + - "accessControl" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanAsUnAuthUser" + in: "query" + description: "" + schema: + type: "string" + - name: "raiseAlert" + in: "query" + description: "" + schema: + type: "string" + - name: "alertRiskLevel" + in: "query" + description: "" + schema: + type: "string" + /JSON/accessControl/action/writeHTMLreport/: + get: + description: "Generates an Access Control report for the given context ID and\ + \ saves it based on the provided filename (path). " + operationId: "accessControlActionWriteHTMLreport" + tags: + - "accessControl" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "fileName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/accessControl/view/getScanProgress/: + get: + description: "Gets the Access Control scan progress (percentage integer) for\ + \ the given context ID." + operationId: "accessControlViewGetScanProgress" + tags: + - "accessControl" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/accessControl/view/getScanStatus/: + get: + description: "Gets the Access Control scan status (description string) for the\ + \ given context ID." + operationId: "accessControlViewGetScanStatus" + tags: + - "accessControl" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/acsrf/action/addOptionToken/: get: - description: >- - Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method - operationId: alertViewAlert + description: "Adds an anti-CSRF token with the given name, enabled by default" + operationId: "acsrfActionAddOptionToken" tags: - - alert + - "acsrf" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: id - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/alert/view/alerts/: - get: - description: >- - Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts - operationId: alertViewAlerts - tags: - - alert - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: riskId - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/alert/view/alertsSummary/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/acsrf/action/removeOptionToken/: get: - description: >- - Gets number of alerts grouped by each risk level, optionally filtering by URL - operationId: alertViewAlertsSummary + description: "Removes the anti-CSRF token with the given name" + operationId: "acsrfActionRemoveOptionToken" tags: - - alert + - "acsrf" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/alert/view/numberOfAlerts/: - get: - description: >- - Gets the number of alerts, optionally filtering by URL or riskId - operationId: alertViewNumberOfAlerts - tags: - - alert - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: riskId - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/alert/view/alertsByRisk/: - get: - description: >- - Gets a summary of the alerts, optionally filtered by a 'url'. If 'recurse' is true then all alerts that apply to urls that start with the specified 'url' will be returned, otherwise only those on exactly the same 'url' (ignoring url parameters) - operationId: alertViewAlertsByRisk - tags: - - alert - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/alert/view/alertCountsByRisk/: - get: - description: >- - Gets a count of the alerts, optionally filtered as per alertsPerRisk - operationId: alertViewAlertCountsByRisk - tags: - - alert - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/alert/action/deleteAllAlerts/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/acsrf/action/setOptionPartialMatchingEnabled/: get: - description: >- - Deletes all alerts of the current session. - operationId: alertActionDeleteAllAlerts + description: "Define if ZAP should detect CSRF tokens by searching for partial\ + \ matches." + operationId: "acsrfActionSetOptionPartialMatchingEnabled" tags: - - alert + - "acsrf" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/alert/action/deleteAlert/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /OTHER/acsrf/other/genForm/: get: - description: >- - Deletes the alert with the given ID. - operationId: alertActionDeleteAlert + description: "Generate a form for testing lack of anti-CSRF tokens - typically\ + \ invoked via ZAP" + operationId: "acsrfOtherGenForm" tags: - - alert + - "acsrf" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorOther" parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/acsrf/view/optionTokensNames/: + - name: "hrefId" + in: "query" + required: true + description: "Define which request will be used" + schema: + type: "string" + - name: "actionUrl" + in: "query" + description: "Define the action URL to be used in the generated form" + schema: + type: "string" + /JSON/acsrf/view/optionPartialMatchingEnabled/: get: - description: >- - Lists the names of all anti-CSRF tokens - operationId: acsrfViewOptionTokensNames + description: "Define if ZAP should detect CSRF tokens by searching for partial\ + \ matches" + operationId: "acsrfViewOptionPartialMatchingEnabled" tags: - - acsrf + - "acsrf" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/acsrf/action/addOptionToken/: + $ref: "#/components/responses/ErrorJson" + /JSON/acsrf/view/optionTokensNames/: + get: + description: "Lists the names of all anti-CSRF tokens" + operationId: "acsrfViewOptionTokensNames" + tags: + - "acsrf" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/action/addAllowedResource/: + get: + description: "Adds an allowed resource." + operationId: "ajaxSpiderActionAddAllowedResource" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "The regular expression of the allowed resource." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "If the allowed resource should be enabled or not." + schema: + type: "string" + /JSON/ajaxSpider/action/addExcludedElement/: + get: + description: "Adds an excluded element to a context." + operationId: "ajaxSpiderActionAddExcludedElement" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context." + schema: + type: "string" + - name: "description" + in: "query" + required: true + description: "The description of the excluded element." + schema: + type: "string" + - name: "element" + in: "query" + required: true + description: "The element to exclude." + schema: + type: "string" + - name: "xpath" + in: "query" + description: "The XPath of the element." + schema: + type: "string" + - name: "text" + in: "query" + description: "The text of the element." + schema: + type: "string" + - name: "attributeName" + in: "query" + description: "The attribute name of the element." + schema: + type: "string" + - name: "attributeValue" + in: "query" + description: "The attribute value of the element." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/ajaxSpider/action/modifyExcludedElement/: + get: + description: "Modifies an excluded element of a context." + operationId: "ajaxSpiderActionModifyExcludedElement" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context." + schema: + type: "string" + - name: "description" + in: "query" + required: true + description: "The description of the excluded element." + schema: + type: "string" + - name: "element" + in: "query" + required: true + description: "The element to exclude." + schema: + type: "string" + - name: "descriptionNew" + in: "query" + description: "The new description." + schema: + type: "string" + - name: "xpath" + in: "query" + description: "The XPath of the element." + schema: + type: "string" + - name: "text" + in: "query" + description: "The text of the element." + schema: + type: "string" + - name: "attributeName" + in: "query" + description: "The attribute name of the element." + schema: + type: "string" + - name: "attributeValue" + in: "query" + description: "The attribute value of the element." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/ajaxSpider/action/removeAllowedResource/: + get: + description: "Removes an allowed resource." + operationId: "ajaxSpiderActionRemoveAllowedResource" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "The regular expression of the allowed resource." + schema: + type: "string" + /JSON/ajaxSpider/action/removeExcludedElement/: + get: + description: "Removes an excluded element from a context." + operationId: "ajaxSpiderActionRemoveExcludedElement" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context." + schema: + type: "string" + - name: "description" + in: "query" + required: true + description: "The description of the excluded element." + schema: + type: "string" + /JSON/ajaxSpider/action/scan/: + get: + description: "Runs the AJAX Spider against a given target." + operationId: "ajaxSpiderActionScan" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "The starting URL (needs to include the 'scheme')." + schema: + type: "string" + - name: "inScope" + in: "query" + description: "A boolean (true/false) indicating whether or not the scan should\ + \ be restricted to 'inScope' only resources (default value is false)." + schema: + type: "string" + - name: "contextName" + in: "query" + description: "The name for any defined context. If the value does not match\ + \ a defined context then an error will occur." + schema: + type: "string" + - name: "subtreeOnly" + in: "query" + description: "A boolean (true/false) indicating whether or not the crawl should\ + \ be constrained to a specific path (default value is false)." + schema: + type: "string" + /JSON/ajaxSpider/action/scanAsUser/: + get: + description: "Runs the AJAX Spider from the perspective of a User of the web\ + \ application." + operationId: "ajaxSpiderActionScanAsUser" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name for any defined context. If the value does not match\ + \ a defined context then an error will occur." + schema: + type: "string" + - name: "userName" + in: "query" + required: true + description: "The name of the user to be used when crawling. The \"userName\"\ + \ should be previously defined on the context configuration." + schema: + type: "string" + - name: "url" + in: "query" + description: "The starting URL (needs to include the 'scheme')." + schema: + type: "string" + - name: "subtreeOnly" + in: "query" + description: "A boolean (true/false) indicating whether or not the crawl should\ + \ be constrained to a specific path (default value is false)." + schema: + type: "string" + /JSON/ajaxSpider/action/setEnabledAllowedResource/: + get: + description: "Sets whether or not an allowed resource is enabled." + operationId: "ajaxSpiderActionSetEnabledAllowedResource" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "The regular expression of the allowed resource." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "If the allowed resource should be enabled or not." + schema: + type: "string" + /JSON/ajaxSpider/action/setOptionBrowserId/: + get: + description: "Sets the configuration of the AJAX Spider to use one of the supported\ + \ browsers." + operationId: "ajaxSpiderActionSetOptionBrowserId" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "The name of the browser to be used by the AJAX Spider. (See the\ + \ Selenium add-on help for a list of supported browsers.)" + schema: + type: "string" + /JSON/ajaxSpider/action/setOptionClickDefaultElems/: + get: + description: "Sets whether or not the the AJAX Spider will only click on the\ + \ default HTML elements." + operationId: "ajaxSpiderActionSetOptionClickDefaultElems" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "A boolean (true/false) indicating if only default elements such\ + \ as 'a' 'button' 'input' should be clicked (default is true)." + schema: + type: "boolean" + /JSON/ajaxSpider/action/setOptionClickElemsOnce/: get: - description: >- - Adds an anti-CSRF token with the given name, enabled by default - operationId: acsrfActionAddOptionToken + description: "When enabled, the crawler attempts to interact with each element\ + \ (e.g., by clicking) only once." + operationId: "ajaxSpiderActionSetOptionClickElemsOnce" tags: - - acsrf + - "ajaxSpider" responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + default: + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/acsrf/action/removeOptionToken/: + - name: "Boolean" + in: "query" + required: true + description: "A boolean (true/false) indicating whether or not the AJAX Spider\ + \ should only click on elements once. If this is set to false, the crawler\ + \ will attempt to click multiple times; which is more rigorous but may take\ + \ considerably more time (default is true)." + schema: + type: "boolean" + /JSON/ajaxSpider/action/setOptionEventWait/: get: - description: >- - Removes the anti-CSRF token with the given name - operationId: acsrfActionRemoveOptionToken + description: "Sets the time to wait after an event (in milliseconds). For example:\ + \ the wait delay after the cursor hovers over an element, in order for a menu\ + \ to display, etc." + operationId: "ajaxSpiderActionSetOptionEventWait" tags: - - acsrf + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /OTHER/acsrf/other/genForm/: + - name: "Integer" + in: "query" + required: true + description: "The time that the AJAX Spider should wait for each event (default\ + \ is 1000 milliseconds)." + schema: + type: "integer" + /JSON/ajaxSpider/action/setOptionMaxCrawlDepth/: get: - description: >- - Generate a form for testing lack of anti-CSRF tokens - typically invoked via ZAP - operationId: acsrfOtherGenForm + description: "Sets the maximum depth that the crawler can reach." + operationId: "ajaxSpiderActionSetOptionMaxCrawlDepth" tags: - - acsrf + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: hrefId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/pscan/view/scanOnlyInScope/: + - name: "Integer" + in: "query" + required: true + description: "The maximum depth that the crawler should explore (zero means\ + \ unlimited depth, default is 10)." + schema: + type: "integer" + /JSON/ajaxSpider/action/setOptionMaxCrawlStates/: get: - description: >- - Tells whether or not the passive scan should be performed only on messages that are in scope. - operationId: pscanViewScanOnlyInScope + description: "Sets the maximum number of states that the crawler should crawl." + operationId: "ajaxSpiderActionSetOptionMaxCrawlStates" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/view/recordsToScan/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The maximum number of states that the AJAX Spider should explore\ + \ (zero means unlimited crawl states, default is 0)" + schema: + type: "integer" + /JSON/ajaxSpider/action/setOptionMaxDuration/: get: - description: >- - The number of records the passive scanner still has to scan - operationId: pscanViewRecordsToScan + description: "The maximum time that the crawler is allowed to run." + operationId: "ajaxSpiderActionSetOptionMaxDuration" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/view/scanners/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The maximum amount of time that the AJAX Spider is allowed to\ + \ run (zero means unlimited running time, default is 60 minutes)." + schema: + type: "integer" + /JSON/ajaxSpider/action/setOptionNumberOfBrowsers/: get: - description: >- - Lists all passive scanners with its ID, name, enabled state and alert threshold. - operationId: pscanViewScanners + description: "Sets the number of windows to be used by AJAX Spider." + operationId: "ajaxSpiderActionSetOptionNumberOfBrowsers" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/view/currentRule/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The number of windows that the AJAX Spider can use. The more windows,\ + \ the faster the process will be. However, more windows also means greater\ + \ resource usage (CPU, Memory, etc), and could lead to concurrency issues\ + \ depending on the app being explored (default is 1)." + schema: + type: "integer" + /JSON/ajaxSpider/action/setOptionRandomInputs/: get: - description: >- - Show information about the passive scan rule currently being run (if any). - operationId: pscanViewCurrentRule + description: "When enabled, inserts random values into form fields." + operationId: "ajaxSpiderActionSetOptionRandomInputs" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/view/maxAlertsPerRule/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "A boolean (true/false) indicating whether or not random values\ + \ should be use in form fields. Otherwise, empty values are submitted (default\ + \ is true)." + schema: + type: "boolean" + /JSON/ajaxSpider/action/setOptionReloadWait/: get: - description: >- - Gets the maximum number of alerts a passive scan rule should raise. - operationId: pscanViewMaxAlertsPerRule + description: "Sets the time to wait after the page is loaded before interacting\ + \ with it." + operationId: "ajaxSpiderActionSetOptionReloadWait" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/action/setEnabled/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The number of milliseconds the AJAX Spider should wait after a\ + \ page is loaded (default is 1000)." + schema: + type: "integer" + /JSON/ajaxSpider/action/stop/: get: - description: >- - Sets whether or not the passive scanning is enabled (Note: the enabled state is not persisted). - operationId: pscanActionSetEnabled + description: "Stops the AJAX Spider." + operationId: "ajaxSpiderActionStop" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: enabled - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/pscan/action/setScanOnlyInScope/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/allowedResources/: get: - description: >- - Sets whether or not the passive scan should be performed only on messages that are in scope. - operationId: pscanActionSetScanOnlyInScope + description: "Gets the allowed resources. The allowed resources are always fetched\ + \ even if out of scope, allowing to include necessary resources (e.g. scripts)\ + \ from 3rd-parties." + operationId: "ajaxSpiderViewAllowedResources" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: onlyInScope - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/pscan/action/enableAllScanners/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/excludedElements/: get: - description: >- - Enables all passive scanners - operationId: pscanActionEnableAllScanners + description: "Gets the excluded elements. The excluded elements are not clicked\ + \ during crawling, for example, to prevent logging out." + operationId: "ajaxSpiderViewExcludedElements" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/action/disableAllScanners/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context." + schema: + type: "string" + /JSON/ajaxSpider/view/fullResults/: get: - description: >- - Disables all passive scanners - operationId: pscanActionDisableAllScanners + description: "Gets the full crawled content detected by the AJAX Spider. Returns\ + \ a set of values based on 'inScope' URLs, 'outOfScope' URLs, and 'errors'\ + \ encountered during the last/current run of the AJAX Spider." + operationId: "ajaxSpiderViewFullResults" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/pscan/action/enableScanners/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/numberOfResults/: get: - description: >- - Enables all passive scanners with the given IDs (comma separated list of IDs) - operationId: pscanActionEnableScanners + description: "Gets the number of resources found." + operationId: "ajaxSpiderViewNumberOfResults" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/pscan/action/disableScanners/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionBrowserId/: get: - description: >- - Disables all passive scanners with the given IDs (comma separated list of IDs) - operationId: pscanActionDisableScanners + description: "Gets the configured browser to use for crawling." + operationId: "ajaxSpiderViewOptionBrowserId" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/pscan/action/setScannerAlertThreshold/: - get: - description: >- - Sets the alert threshold of the passive scanner with the given ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH - operationId: pscanActionSetScannerAlertThreshold - tags: - - pscan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: alertThreshold - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/pscan/action/setMaxAlertsPerRule/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionClickDefaultElems/: get: - description: >- - Sets the maximum number of alerts a passive scan rule should raise. - operationId: pscanActionSetMaxAlertsPerRule + description: "Gets the configured value for 'Click Default Elements Only', HTML\ + \ elements such as 'a', 'button', 'input', all associated with some action\ + \ or links on the page." + operationId: "ajaxSpiderViewOptionClickDefaultElems" tags: - - pscan + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: maxAlerts - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/urlsByUrlRegex/: - get: - description: >- - Returns the URLs of the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewUrlsByUrlRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/urlsByRequestRegex/: - get: - description: >- - Returns the URLs of the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewUrlsByRequestRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/urlsByResponseRegex/: - get: - description: >- - Returns the URLs of the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewUrlsByResponseRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/urlsByHeaderRegex/: - get: - description: >- - Returns the URLs of the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewUrlsByHeaderRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/messagesByUrlRegex/: - get: - description: >- - Returns the HTTP messages that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewMessagesByUrlRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/messagesByRequestRegex/: - get: - description: >- - Returns the HTTP messages that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewMessagesByRequestRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/messagesByResponseRegex/: - get: - description: >- - Returns the HTTP messages that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewMessagesByResponseRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/search/view/messagesByHeaderRegex/: - get: - description: >- - Returns the HTTP messages that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchViewMessagesByHeaderRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /OTHER/search/other/harByUrlRegex/: - get: - description: >- - Returns the HTTP messages, in HAR format, that match the given regular expression in the URL optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchOtherHarByUrlRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /OTHER/search/other/harByRequestRegex/: - get: - description: >- - Returns the HTTP messages, in HAR format, that match the given regular expression in the request optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchOtherHarByRequestRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /OTHER/search/other/harByResponseRegex/: - get: - description: >- - Returns the HTTP messages, in HAR format, that match the given regular expression in the response optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchOtherHarByResponseRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /OTHER/search/other/harByHeaderRegex/: - get: - description: >- - Returns the HTTP messages, in HAR format, that match the given regular expression in the header(s) optionally filtered by URL and paginated with 'start' position and 'count' of messages. - operationId: searchOtherHarByHeaderRegex - tags: - - search - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/autoupdate/view/latestVersionNumber/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionClickElemsOnce/: get: - description: >- - Returns the latest version number - operationId: autoupdateViewLatestVersionNumber + description: "Gets the value configured for the AJAX Spider to know if it should\ + \ click on the elements only once." + operationId: "ajaxSpiderViewOptionClickElemsOnce" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/isLatestVersion/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionEventWait/: get: - description: >- - Returns 'true' if ZAP is on the latest version - operationId: autoupdateViewIsLatestVersion + description: "Gets the time to wait after an event (in milliseconds). For example:\ + \ the wait delay after the cursor hovers over an element, in order for a menu\ + \ to display, etc." + operationId: "ajaxSpiderViewOptionEventWait" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/installedAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionMaxCrawlDepth/: get: - description: >- - Return a list of all of the installed add-ons - operationId: autoupdateViewInstalledAddons + description: "Gets the configured value for the max crawl depth." + operationId: "ajaxSpiderViewOptionMaxCrawlDepth" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/localAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionMaxCrawlStates/: get: - description: >- - Returns a list with all local add-ons, installed or not. - operationId: autoupdateViewLocalAddons + description: "Gets the configured value for the maximum crawl states allowed." + operationId: "ajaxSpiderViewOptionMaxCrawlStates" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/newAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionMaxDuration/: get: - description: >- - Return a list of any add-ons that have been added to the Marketplace since the last check for updates - operationId: autoupdateViewNewAddons + description: "Gets the configured max duration of the crawl, the value is in\ + \ minutes." + operationId: "ajaxSpiderViewOptionMaxDuration" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/updatedAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionNumberOfBrowsers/: get: - description: >- - Return a list of any add-ons that have been changed in the Marketplace since the last check for updates - operationId: autoupdateViewUpdatedAddons + description: "Gets the configured number of browsers to be used." + operationId: "ajaxSpiderViewOptionNumberOfBrowsers" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/marketplaceAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionRandomInputs/: get: - description: >- - Return a list of all of the add-ons on the ZAP Marketplace (this information is read once and then cached) - operationId: autoupdateViewMarketplaceAddons + description: "Gets if the AJAX Spider will use random values in form fields\ + \ when crawling, if set to true." + operationId: "ajaxSpiderViewOptionRandomInputs" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionAddonDirectories/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/optionReloadWait/: get: - description: >- - - operationId: autoupdateViewOptionAddonDirectories + description: "Gets the configured time to wait after reloading the page, this\ + \ value is in milliseconds." + operationId: "ajaxSpiderViewOptionReloadWait" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionDayLastChecked/: + $ref: "#/components/responses/ErrorJson" + /JSON/ajaxSpider/view/results/: get: - description: >- - - operationId: autoupdateViewOptionDayLastChecked + description: "Gets the current results of the crawler." + operationId: "ajaxSpiderViewResults" tags: - - autoupdate + - "ajaxSpider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionDayLastInstallWarned/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "start" + in: "query" + description: "The position (or offset) within the results to use as a starting\ + \ position for the information returned." + schema: + type: "string" + - name: "count" + in: "query" + description: "The number of results to return." + schema: + type: "string" + /JSON/ajaxSpider/view/status/: + get: + description: "Gets the current status of the crawler. Actual values are Stopped\ + \ and Running." + operationId: "ajaxSpiderViewStatus" + tags: + - "ajaxSpider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alert/action/addAlert/: + get: + description: "Add an alert associated with the given message ID, with the provided\ + \ details. (The ID of the created alert is returned.)" + operationId: "alertActionAddAlert" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "messageId" + in: "query" + required: true + description: "The ID of the message to which the alert should be associated." + schema: + type: "string" + - name: "name" + in: "query" + required: true + description: "The name of the alert." + schema: + type: "string" + - name: "riskId" + in: "query" + required: true + description: "The numeric risk representation ('0 - Informational' through '3\ + \ - High')." + schema: + type: "string" + - name: "confidenceId" + in: "query" + required: true + description: "The numeric confidence representation ('1 - Low' through '3 -\ + \ High' [user set values '0 - False Positive', and '4 - User Confirmed' are\ + \ also available])." + schema: + type: "string" + - name: "description" + in: "query" + required: true + description: "The description to be set to the alert." + schema: + type: "string" + - name: "param" + in: "query" + description: "The name of the parameter applicable to the alert." + schema: + type: "string" + - name: "attack" + in: "query" + description: "The attack (ex: injected string) used by the scan rule." + schema: + type: "string" + - name: "otherInfo" + in: "query" + description: "Other information about the alert or test." + schema: + type: "string" + - name: "solution" + in: "query" + description: "The solution for the alert." + schema: + type: "string" + - name: "references" + in: "query" + description: "The reference details for the alert." + schema: + type: "string" + - name: "evidence" + in: "query" + description: "The evidence associated with the alert." + schema: + type: "string" + - name: "cweId" + in: "query" + description: "The CWE identifier associated with the alert." + schema: + type: "string" + - name: "wascId" + in: "query" + description: "The WASC identifier associated with the alert." + schema: + type: "string" + /JSON/alert/action/deleteAlert/: get: - description: >- - - operationId: autoupdateViewOptionDayLastInstallWarned + description: "Deletes the alert with the given ID. " + operationId: "alertActionDeleteAlert" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionDayLastUpdateWarned/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/alert/action/deleteAlerts/: get: - description: >- - - operationId: autoupdateViewOptionDayLastUpdateWarned + description: "Deletes all the alerts optionally filtered by URL which fall within\ + \ the Context with the provided name, risk, or base URL." + operationId: "alertActionDeleteAlerts" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionDownloadDirectory/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + description: "The name of the Context for which the alerts should be deleted." + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ deleted." + schema: + type: "string" + - name: "riskId" + in: "query" + description: "The numeric risk representation ('0 - Informational' through '3\ + \ - High')." + schema: + type: "string" + /JSON/alert/action/deleteAllAlerts/: + get: + description: "Deletes all alerts of the current session." + operationId: "alertActionDeleteAllAlerts" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alert/action/updateAlert/: + get: + description: "Update the alert with the given ID, with the provided details." + operationId: "alertActionUpdateAlert" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "The ID of the alert to update." + schema: + type: "string" + - name: "name" + in: "query" + required: true + description: "The name of the alert." + schema: + type: "string" + - name: "riskId" + in: "query" + required: true + description: "The numeric risk representation ('0 - Informational' through '3\ + \ - High')." + schema: + type: "string" + - name: "confidenceId" + in: "query" + required: true + description: "The numeric confidence representation ('1 - Low' through '3 -\ + \ High' [user set values '0 - False Positive', and '4 - User Confirmed' are\ + \ also available])." + schema: + type: "string" + - name: "description" + in: "query" + required: true + description: "The description to be set to the alert." + schema: + type: "string" + - name: "param" + in: "query" + description: "The name of the parameter applicable to the alert." + schema: + type: "string" + - name: "attack" + in: "query" + description: "The attack (ex: injected string) used by the scan rule." + schema: + type: "string" + - name: "otherInfo" + in: "query" + description: "Other information about the alert or test." + schema: + type: "string" + - name: "solution" + in: "query" + description: "The solution for the alert." + schema: + type: "string" + - name: "references" + in: "query" + description: "The reference details for the alert." + schema: + type: "string" + - name: "evidence" + in: "query" + description: "The evidence associated with the alert." + schema: + type: "string" + - name: "cweId" + in: "query" + description: "The CWE identifier associated with the alert." + schema: + type: "string" + - name: "wascId" + in: "query" + description: "The WASC identifier associated with the alert." + schema: + type: "string" + /JSON/alert/action/updateAlertsConfidence/: + get: + description: "Update the confidence of the alerts." + operationId: "alertActionUpdateAlertsConfidence" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "The IDs of the alerts to update (comma separated values)." + schema: + type: "string" + - name: "confidenceId" + in: "query" + required: true + description: "The numeric confidence representation ('1 - Low' through '3 -\ + \ High' [user set values '0 - False Positive', and '4 - User Confirmed' are\ + \ also available])." + schema: + type: "string" + /JSON/alert/action/updateAlertsRisk/: + get: + description: "Update the risk of the alerts." + operationId: "alertActionUpdateAlertsRisk" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "The IDs of the alerts to update (comma separated values)." + schema: + type: "string" + - name: "riskId" + in: "query" + required: true + description: "The numeric risk representation ('0 - Informational' through '3\ + \ - High')." + schema: + type: "string" + /JSON/alert/view/alert/: get: - description: >- - - operationId: autoupdateViewOptionDownloadDirectory + description: "Gets the alert with the given ID, the corresponding HTTP message\ + \ can be obtained with the 'messageId' field and 'message' API method" + operationId: "alertViewAlert" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionCheckAddonUpdates/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/alert/view/alertCountsByRisk/: get: - description: >- - - operationId: autoupdateViewOptionCheckAddonUpdates + description: "Gets a count of the alerts, optionally filtered as per alertsPerRisk" + operationId: "alertViewAlertCountsByRisk" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionCheckOnStart/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + /JSON/alert/view/alerts/: + get: + description: "Gets the alerts raised by ZAP, optionally filtering by URL or\ + \ riskId, and paginating with 'start' position and 'count' of alerts" + operationId: "alertViewAlerts" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + - name: "riskId" + in: "query" + description: "" + schema: + type: "string" + - name: "contextName" + in: "query" + description: "Optionally, the Context name which the Alerts' URLs are associated\ + \ with." + schema: + type: "string" + /JSON/alert/view/alertsByRisk/: get: - description: >- - - operationId: autoupdateViewOptionCheckOnStart + description: "Gets a summary of the alerts, optionally filtered by a 'url'.\ + \ If 'recurse' is true then all alerts that apply to urls that start with\ + \ the specified 'url' will be returned, otherwise only those on exactly the\ + \ same 'url' (ignoring url parameters)" + operationId: "alertViewAlertsByRisk" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionDownloadNewRelease/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + /JSON/alert/view/alertsSummary/: get: - description: >- - - operationId: autoupdateViewOptionDownloadNewRelease + description: "Gets number of alerts grouped by each risk level, optionally filtering\ + \ by URL" + operationId: "alertViewAlertsSummary" tags: - - autoupdate + - "alert" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionInstallAddonUpdates/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + /JSON/alert/view/numberOfAlerts/: + get: + description: "Gets the number of alerts, optionally filtering by URL or riskId" + operationId: "alertViewNumberOfAlerts" + tags: + - "alert" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + - name: "riskId" + in: "query" + description: "" + schema: + type: "string" + /JSON/alertFilter/action/addAlertFilter/: + get: + description: "Adds a new alert filter for the context with the given ID. " + operationId: "alertFilterActionAddAlertFilter" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "ruleId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "newLevel" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "urlIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "parameter" + in: "query" + description: "" + schema: + type: "string" + - name: "enabled" + in: "query" + description: "" + schema: + type: "string" + - name: "parameterIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "attack" + in: "query" + description: "" + schema: + type: "string" + - name: "attackIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "evidence" + in: "query" + description: "" + schema: + type: "string" + - name: "evidenceIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "methods" + in: "query" + description: "" + schema: + type: "string" + /JSON/alertFilter/action/addGlobalAlertFilter/: + get: + description: "Adds a new global alert filter. " + operationId: "alertFilterActionAddGlobalAlertFilter" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ruleId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "newLevel" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "urlIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "parameter" + in: "query" + description: "" + schema: + type: "string" + - name: "enabled" + in: "query" + description: "" + schema: + type: "string" + - name: "parameterIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "attack" + in: "query" + description: "" + schema: + type: "string" + - name: "attackIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "evidence" + in: "query" + description: "" + schema: + type: "string" + - name: "evidenceIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "methods" + in: "query" + description: "" + schema: + type: "string" + /JSON/alertFilter/action/applyAll/: + get: + description: "Applies all currently enabled Global and Context alert filters." + operationId: "alertFilterActionApplyAll" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/action/applyContext/: + get: + description: "Applies all currently enabled Context alert filters." + operationId: "alertFilterActionApplyContext" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/action/applyGlobal/: + get: + description: "Applies all currently enabled Global alert filters." + operationId: "alertFilterActionApplyGlobal" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/action/removeAlertFilter/: + get: + description: "Removes an alert filter from the context with the given ID." + operationId: "alertFilterActionRemoveAlertFilter" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "ruleId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "newLevel" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "urlIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "parameter" + in: "query" + description: "" + schema: + type: "string" + - name: "enabled" + in: "query" + description: "" + schema: + type: "string" + - name: "parameterIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "attack" + in: "query" + description: "" + schema: + type: "string" + - name: "attackIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "evidence" + in: "query" + description: "" + schema: + type: "string" + - name: "evidenceIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "methods" + in: "query" + description: "" + schema: + type: "string" + /JSON/alertFilter/action/removeGlobalAlertFilter/: + get: + description: "Removes a global alert filter." + operationId: "alertFilterActionRemoveGlobalAlertFilter" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ruleId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "newLevel" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "urlIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "parameter" + in: "query" + description: "" + schema: + type: "string" + - name: "enabled" + in: "query" + description: "" + schema: + type: "string" + - name: "parameterIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "attack" + in: "query" + description: "" + schema: + type: "string" + - name: "attackIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "evidence" + in: "query" + description: "" + schema: + type: "string" + - name: "evidenceIsRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "methods" + in: "query" + description: "" + schema: + type: "string" + /JSON/alertFilter/action/testAll/: + get: + description: "Tests all currently enabled Global and Context alert filters." + operationId: "alertFilterActionTestAll" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/action/testContext/: + get: + description: "Tests all currently enabled Context alert filters." + operationId: "alertFilterActionTestContext" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/action/testGlobal/: + get: + description: "Tests all currently enabled Global alert filters." + operationId: "alertFilterActionTestGlobal" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/alertFilter/view/alertFilterList/: + get: + description: "Lists the alert filters of the context with the given ID." + operationId: "alertFilterViewAlertFilterList" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/alertFilter/view/globalAlertFilterList/: + get: + description: "Lists the global alert filters." + operationId: "alertFilterViewGlobalAlertFilterList" + tags: + - "alertFilter" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/addExcludedParam/: + get: + description: "Adds a new parameter excluded from the scan, using the specified\ + \ name. Optionally sets if the new entry applies to a specific URL (default,\ + \ all URLs) and sets the ID of the type of the parameter (default, ID of any\ + \ type). The type IDs can be obtained with the view excludedParamTypes. " + operationId: "ascanActionAddExcludedParam" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "type" + in: "query" + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/addScanPolicy/: + get: + description: "" + operationId: "ascanActionAddScanPolicy" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanPolicyName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "alertThreshold" + in: "query" + description: "" + schema: + type: "string" + - name: "attackStrength" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/clearExcludedFromScan/: get: - description: >- - - operationId: autoupdateViewOptionInstallAddonUpdates + description: "Clears the regexes of URLs excluded from the active scans." + operationId: "ascanActionClearExcludedFromScan" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionInstallScannerRules/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/disableAllScanners/: get: - description: >- - - operationId: autoupdateViewOptionInstallScannerRules + description: "Disables all scan rules of the scan policy with the given name,\ + \ or the default if none given." + operationId: "ascanActionDisableAllScanners" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionReportAlphaAddons/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/disableScanners/: get: - description: >- - - operationId: autoupdateViewOptionReportAlphaAddons + description: "Disables the scan rules with the given IDs (comma separated list\ + \ of IDs) of the scan policy with the given name, or the default if none given." + operationId: "ascanActionDisableScanners" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionReportBetaAddons/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/enableAllScanners/: get: - description: >- - - operationId: autoupdateViewOptionReportBetaAddons + description: "Enables all scan rules of the scan policy with the given name,\ + \ or the default if none given." + operationId: "ascanActionEnableAllScanners" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/view/optionReportReleaseAddons/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/enableScanners/: get: - description: >- - - operationId: autoupdateViewOptionReportReleaseAddons + description: "Enables the scan rules with the given IDs (comma separated list\ + \ of IDs) of the scan policy with the given name, or the default if none given." + operationId: "ascanActionEnableScanners" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/action/downloadLatestRelease/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/excludeFromScan/: get: - description: >- - Downloads the latest release, if any - operationId: autoupdateActionDownloadLatestRelease + description: "Adds a regex of URLs that should be excluded from the active scans." + operationId: "ascanActionExcludeFromScan" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/autoupdate/action/installAddon/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/importScanPolicy/: get: - description: >- - Installs or updates the specified add-on, returning when complete (ie not asynchronously) - operationId: autoupdateActionInstallAddon + description: "Imports a Scan Policy using the given file system path." + operationId: "ascanActionImportScanPolicy" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/installLocalAddon/: + - name: "path" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/modifyExcludedParam/: get: - description: >- - - operationId: autoupdateActionInstallLocalAddon + description: "Modifies a parameter excluded from the scan. Allows to modify\ + \ the name, the URL and the type of parameter. The parameter is selected with\ + \ its index, which can be obtained with the view excludedParams." + operationId: "ascanActionModifyExcludedParam" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "name" + in: "query" + description: "" + schema: + type: "string" + - name: "type" + in: "query" + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/pause/: + get: + description: "" + operationId: "ascanActionPause" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: file - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/uninstallAddon/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/pauseAllScans/: get: - description: >- - Uninstalls the specified add-on - operationId: autoupdateActionUninstallAddon + description: "" + operationId: "ascanActionPauseAllScans" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionCheckAddonUpdates/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/removeAllScans/: get: - description: >- - - operationId: autoupdateActionSetOptionCheckAddonUpdates + description: "" + operationId: "ascanActionRemoveAllScans" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionCheckOnStart/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/removeExcludedParam/: get: - description: >- - - operationId: autoupdateActionSetOptionCheckOnStart + description: "Removes a parameter excluded from the scan, with the given index.\ + \ The index can be obtained with the view excludedParams." + operationId: "ascanActionRemoveExcludedParam" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionDownloadNewRelease/: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/removeScan/: get: - description: >- - - operationId: autoupdateActionSetOptionDownloadNewRelease + description: "" + operationId: "ascanActionRemoveScan" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionInstallAddonUpdates/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/removeScanPolicy/: get: - description: >- - - operationId: autoupdateActionSetOptionInstallAddonUpdates + description: "" + operationId: "ascanActionRemoveScanPolicy" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionInstallScannerRules/: + - name: "scanPolicyName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/resume/: get: - description: >- - - operationId: autoupdateActionSetOptionInstallScannerRules + description: "" + operationId: "ascanActionResume" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionReportAlphaAddons/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/resumeAllScans/: get: - description: >- - - operationId: autoupdateActionSetOptionReportAlphaAddons + description: "" + operationId: "ascanActionResumeAllScans" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionReportBetaAddons/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/scan/: + get: + description: "Runs the active scanner against the given URL or Context. Optionally,\ + \ the 'recurse' parameter can be used to scan URLs under the given URL, the\ + \ parameter 'inScopeOnly' can be used to constrain the scan to URLs that are\ + \ in scope (ignored if a Context is specified), the parameter 'scanPolicyName'\ + \ allows to specify the scan policy (if none is given it uses the default\ + \ scan policy), the parameters 'method' and 'postData' allow to select a given\ + \ request in conjunction with the given URL." + operationId: "ascanActionScan" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + - name: "inScopeOnly" + in: "query" + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + - name: "method" + in: "query" + description: "" + schema: + type: "string" + - name: "postData" + in: "query" + description: "" + schema: + type: "string" + - name: "contextId" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/scanAsUser/: + get: + description: "Active Scans from the perspective of a User, obtained using the\ + \ given Context ID and User ID. See 'scan' action for more details." + operationId: "ascanActionScanAsUser" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "contextId" + in: "query" + description: "" + schema: + type: "string" + - name: "userId" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + - name: "method" + in: "query" + description: "" + schema: + type: "string" + - name: "postData" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/setEnabledPolicies/: get: - description: >- - - operationId: autoupdateActionSetOptionReportBetaAddons + description: "" + operationId: "ascanActionSetEnabledPolicies" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/autoupdate/action/setOptionReportReleaseAddons/: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/setOptionAddQueryParam/: get: - description: >- - - operationId: autoupdateActionSetOptionReportReleaseAddons + description: "Sets whether or not the active scanner should add a query param\ + \ to GET requests which do not have parameters to start with." + operationId: "ascanActionSetOptionAddQueryParam" tags: - - autoupdate + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/view/status/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionAllowAttackOnStart/: get: - description: >- - - operationId: spiderViewStatus + description: "" + operationId: "ascanActionSetOptionAllowAttackOnStart" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/view/results/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionAttackPolicy/: get: - description: >- - - operationId: spiderViewResults + description: "" + operationId: "ascanActionSetOptionAttackPolicy" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/view/fullResults/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/setOptionDefaultPolicy/: get: - description: >- - - operationId: spiderViewFullResults + description: "" + operationId: "ascanActionSetOptionDefaultPolicy" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/view/scans/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/setOptionDelayInMs/: get: - description: >- - - operationId: spiderViewScans + description: "This option has been superseded. Use the API rate limit endpoints\ + \ in the 'network' component instead." + deprecated: true + operationId: "ascanActionSetOptionDelayInMs" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/excludedFromScan/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionHandleAntiCSRFTokens/: get: - description: >- - Gets the regexes of URLs excluded from the spider scans. - operationId: spiderViewExcludedFromScan + description: "" + operationId: "ascanActionSetOptionHandleAntiCSRFTokens" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/allUrls/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionHostPerScan/: get: - description: >- - Returns a list of unique URLs from the history table based on HTTP messages added by the Spider. - operationId: spiderViewAllUrls + description: "" + operationId: "ascanActionSetOptionHostPerScan" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/addedNodes/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionInjectPluginIdInHeader/: get: - description: >- - Returns a list of the names of the nodes added to the Sites tree by the specified scan. - operationId: spiderViewAddedNodes + description: "Sets whether or not the active scanner should inject the HTTP\ + \ request header X-ZAP-Scan-ID, with the ID of the scan rule that's sending\ + \ the requests." + operationId: "ascanActionSetOptionInjectPluginIdInHeader" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/view/domainsAlwaysInScope/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionMaxAlertsPerRule/: get: - description: >- - Gets all the domains that are always in scope. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex. - operationId: spiderViewDomainsAlwaysInScope + description: "Sets the maximum number of alerts that a rule can raise before\ + \ being skipped." + operationId: "ascanActionSetOptionMaxAlertsPerRule" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionDomainsAlwaysInScope/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The maximum alerts." + schema: + type: "integer" + /JSON/ascan/action/setOptionMaxChartTimeInMins/: get: - description: >- - Use view domainsAlwaysInScope instead. - deprecated: true - operationId: spiderViewOptionDomainsAlwaysInScope + description: "" + operationId: "ascanActionSetOptionMaxChartTimeInMins" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionDomainsAlwaysInScopeEnabled/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionMaxResultsToList/: get: - description: >- - Use view domainsAlwaysInScope instead. - deprecated: true - operationId: spiderViewOptionDomainsAlwaysInScopeEnabled + description: "" + operationId: "ascanActionSetOptionMaxResultsToList" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionHandleParameters/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionMaxRuleDurationInMins/: get: - description: >- - - operationId: spiderViewOptionHandleParameters + description: "" + operationId: "ascanActionSetOptionMaxRuleDurationInMins" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionMaxChildren/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionMaxScanDurationInMins/: get: - description: >- - Gets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. - operationId: spiderViewOptionMaxChildren + description: "" + operationId: "ascanActionSetOptionMaxScanDurationInMins" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionMaxDepth/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionMaxScansInUI/: get: - description: >- - Gets the maximum depth the spider can crawl, 0 if unlimited. - operationId: spiderViewOptionMaxDepth + description: "" + operationId: "ascanActionSetOptionMaxScansInUI" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionMaxDuration/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionPromptInAttackMode/: get: - description: >- - - operationId: spiderViewOptionMaxDuration + description: "" + operationId: "ascanActionSetOptionPromptInAttackMode" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionMaxParseSizeBytes/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionPromptToClearFinishedScans/: get: - description: >- - Gets the maximum size, in bytes, that a response might have to be parsed. - operationId: spiderViewOptionMaxParseSizeBytes + description: "" + operationId: "ascanActionSetOptionPromptToClearFinishedScans" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionMaxScansInUI/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionRescanInAttackMode/: get: - description: >- - - operationId: spiderViewOptionMaxScansInUI + description: "" + operationId: "ascanActionSetOptionRescanInAttackMode" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionRequestWaitTime/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionScanHeadersAllRequests/: get: - description: >- - - operationId: spiderViewOptionRequestWaitTime + description: "Sets whether or not the HTTP Headers of all requests should be\ + \ scanned. Not just requests that send parameters, through the query or request\ + \ body." + operationId: "ascanActionSetOptionScanHeadersAllRequests" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionScope/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionScanNullJsonValues/: get: - description: >- - - operationId: spiderViewOptionScope + description: "Sets whether or not the active scanner should scan null JSON values." + operationId: "ascanActionSetOptionScanNullJsonValues" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionScopeText/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "true to scan null values, false otherwise." + schema: + type: "boolean" + /JSON/ascan/action/setOptionShowAdvancedDialog/: get: - description: >- - - operationId: spiderViewOptionScopeText + description: "" + operationId: "ascanActionSetOptionShowAdvancedDialog" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionSkipURLString/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/ascan/action/setOptionTargetParamsEnabledRPC/: get: - description: >- - - operationId: spiderViewOptionSkipURLString + description: "" + operationId: "ascanActionSetOptionTargetParamsEnabledRPC" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionThreadCount/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionTargetParamsInjectable/: get: - description: >- - - operationId: spiderViewOptionThreadCount + description: "" + operationId: "ascanActionSetOptionTargetParamsInjectable" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionUserAgent/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setOptionThreadPerHost/: get: - description: >- - - operationId: spiderViewOptionUserAgent + description: "" + operationId: "ascanActionSetOptionThreadPerHost" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionAcceptCookies/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/ascan/action/setPolicyAlertThreshold/: + get: + description: "" + operationId: "ascanActionSetPolicyAlertThreshold" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "alertThreshold" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/setPolicyAttackStrength/: get: - description: >- - Gets whether or not a spider process should accept cookies while spidering. - operationId: spiderViewOptionAcceptCookies + description: "" + operationId: "ascanActionSetPolicyAttackStrength" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "attackStrength" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/setScannerAlertThreshold/: + get: + description: "" + operationId: "ascanActionSetScannerAlertThreshold" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "alertThreshold" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/setScannerAttackStrength/: + get: + description: "" + operationId: "ascanActionSetScannerAttackStrength" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "attackStrength" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/action/skipScanner/: + get: + description: "Skips the scan rule using the given IDs of the scan and the scan\ + \ rule." + operationId: "ascanActionSkipScanner" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionHandleODataParametersVisited/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scannerId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/stop/: get: - description: >- - - operationId: spiderViewOptionHandleODataParametersVisited + description: "" + operationId: "ascanActionStop" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionParseComments/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/action/stopAllScans/: get: - description: >- - - operationId: spiderViewOptionParseComments + description: "" + operationId: "ascanActionStopAllScans" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionParseGit/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/action/updateScanPolicy/: + get: + description: "" + operationId: "ascanActionUpdateScanPolicy" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanPolicyName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "alertThreshold" + in: "query" + description: "" + schema: + type: "string" + - name: "attackStrength" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/view/alertsIds/: get: - description: >- - - operationId: spiderViewOptionParseGit + description: "Gets the IDs of the alerts raised during the scan with the given\ + \ ID. An alert can be obtained with 'alert' core view." + operationId: "ascanViewAlertsIds" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionParseRobotsTxt/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/view/attackModeQueue/: get: - description: >- - - operationId: spiderViewOptionParseRobotsTxt + description: "" + operationId: "ascanViewAttackModeQueue" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionParseSVNEntries/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/excludedFromScan/: get: - description: >- - - operationId: spiderViewOptionParseSVNEntries + description: "Gets the regexes of URLs excluded from the active scans." + operationId: "ascanViewExcludedFromScan" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionParseSitemapXml/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/excludedParamTypes/: get: - description: >- - - operationId: spiderViewOptionParseSitemapXml + description: "Gets all the types of excluded parameters. For each type the following\ + \ are shown: the ID and the name." + operationId: "ascanViewExcludedParamTypes" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionPostForm/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/excludedParams/: get: - description: >- - - operationId: spiderViewOptionPostForm + description: "Gets all the parameters that are excluded. For each parameter\ + \ the following are shown: the name, the URL, and the parameter type." + operationId: "ascanViewExcludedParams" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionProcessForm/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/messagesIds/: get: - description: >- - - operationId: spiderViewOptionProcessForm + description: "Gets the IDs of the messages sent during the scan with the given\ + \ ID. A message can be obtained with 'message' core view." + operationId: "ascanViewMessagesIds" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionSendRefererHeader/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ascan/view/optionAddQueryParam/: get: - description: >- - Gets whether or not the 'Referer' header should be sent while spidering. - operationId: spiderViewOptionSendRefererHeader + description: "Tells whether or not the active scanner should add a query parameter\ + \ to GET request that don't have parameters to start with." + operationId: "ascanViewOptionAddQueryParam" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/view/optionShowAdvancedDialog/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionAllowAttackOnStart/: get: - description: >- - - operationId: spiderViewOptionShowAdvancedDialog + description: "" + operationId: "ascanViewOptionAllowAttackOnStart" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/scan/: - get: - description: >- - Runs the spider against the given URL (or context). Optionally, the 'maxChildren' parameter can be set to limit the number of children scanned, the 'recurse' parameter can be used to prevent the spider from seeding recursively, the parameter 'contextName' can be used to constrain the scan to a Context and the parameter 'subtreeOnly' allows to restrict the spider under a site's subtree (using the specified 'url'). - operationId: spiderActionScan - tags: - - spider - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: maxChildren - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: contextName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: subtreeOnly - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/spider/action/scanAsUser/: - get: - description: >- - Runs the spider from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details. - operationId: spiderActionScanAsUser - tags: - - spider - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: maxChildren - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: subtreeOnly - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/spider/action/pause/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionAttackPolicy/: get: - description: >- - - operationId: spiderActionPause + description: "" + operationId: "ascanViewOptionAttackPolicy" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/resume/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionDefaultPolicy/: get: - description: >- - - operationId: spiderActionResume + description: "" + operationId: "ascanViewOptionDefaultPolicy" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/stop/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionDelayInMs/: get: - description: >- - - operationId: spiderActionStop + description: "This option has been superseded. Use the API rate limit endpoints\ + \ in the 'network' component instead." + deprecated: true + operationId: "ascanViewOptionDelayInMs" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/removeScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionExcludedParamList/: get: - description: >- - - operationId: spiderActionRemoveScan + description: "Use view excludedParams instead." + deprecated: true + operationId: "ascanViewOptionExcludedParamList" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/pauseAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionHandleAntiCSRFTokens/: get: - description: >- - - operationId: spiderActionPauseAllScans + description: "" + operationId: "ascanViewOptionHandleAntiCSRFTokens" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/resumeAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionHostPerScan/: get: - description: >- - - operationId: spiderActionResumeAllScans + description: "" + operationId: "ascanViewOptionHostPerScan" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/stopAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionInjectPluginIdInHeader/: get: - description: >- - - operationId: spiderActionStopAllScans + description: "Tells whether or not the active scanner should inject the HTTP\ + \ request header X-ZAP-Scan-ID, with the ID of the scan rule that's sending\ + \ the requests." + operationId: "ascanViewOptionInjectPluginIdInHeader" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/removeAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxAlertsPerRule/: get: - description: >- - - operationId: spiderActionRemoveAllScans + description: "Gets the maximum number of alerts that a rule can raise before\ + \ being skipped." + operationId: "ascanViewOptionMaxAlertsPerRule" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/clearExcludedFromScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxChartTimeInMins/: get: - description: >- - Clears the regexes of URLs excluded from the spider scans. - operationId: spiderActionClearExcludedFromScan + description: "" + operationId: "ascanViewOptionMaxChartTimeInMins" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/excludeFromScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxResultsToList/: get: - description: >- - Adds a regex of URLs that should be excluded from the spider scans. - operationId: spiderActionExcludeFromScan + description: "" + operationId: "ascanViewOptionMaxResultsToList" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/addDomainAlwaysInScope/: - get: - description: >- - Adds a new domain that's always in scope, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false). - operationId: spiderActionAddDomainAlwaysInScope - tags: - - spider - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: value - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: isRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: isEnabled - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/spider/action/modifyDomainAlwaysInScope/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxRuleDurationInMins/: get: - description: >- - Modifies a domain that's always in scope. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view domainsAlwaysInScope. - operationId: spiderActionModifyDomainAlwaysInScope - tags: - - spider - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: value - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: isRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: isEnabled - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/spider/action/removeDomainAlwaysInScope/: + description: "" + operationId: "ascanViewOptionMaxRuleDurationInMins" + tags: + - "ascan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxScanDurationInMins/: get: - description: >- - Removes a domain that's always in scope, with the given index. The index can be obtained with the view domainsAlwaysInScope. - operationId: spiderActionRemoveDomainAlwaysInScope + description: "" + operationId: "ascanViewOptionMaxScanDurationInMins" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/enableAllDomainsAlwaysInScope/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionMaxScansInUI/: get: - description: >- - Enables all domains that are always in scope. - operationId: spiderActionEnableAllDomainsAlwaysInScope + description: "" + operationId: "ascanViewOptionMaxScansInUI" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/disableAllDomainsAlwaysInScope/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionPromptInAttackMode/: get: - description: >- - Disables all domains that are always in scope. - operationId: spiderActionDisableAllDomainsAlwaysInScope + description: "" + operationId: "ascanViewOptionPromptInAttackMode" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/spider/action/setOptionHandleParameters/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionPromptToClearFinishedScans/: get: - description: >- - - operationId: spiderActionSetOptionHandleParameters + description: "" + operationId: "ascanViewOptionPromptToClearFinishedScans" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionScopeString/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionRescanInAttackMode/: get: - description: >- - Use actions [add|modify|remove]DomainAlwaysInScope instead. - operationId: spiderActionSetOptionScopeString + description: "" + operationId: "ascanViewOptionRescanInAttackMode" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionSkipURLString/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionScanHeadersAllRequests/: get: - description: >- - - operationId: spiderActionSetOptionSkipURLString + description: "Tells whether or not the HTTP Headers of all requests should be\ + \ scanned. Not just requests that send parameters, through the query or request\ + \ body." + operationId: "ascanViewOptionScanHeadersAllRequests" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionUserAgent/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionScanNullJsonValues/: get: - description: >- - - operationId: spiderActionSetOptionUserAgent + description: "Tells whether or not the active scanner should scan null JSON\ + \ values." + operationId: "ascanViewOptionScanNullJsonValues" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionAcceptCookies/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionShowAdvancedDialog/: get: - description: >- - Sets whether or not a spider process should accept cookies while spidering. - operationId: spiderActionSetOptionAcceptCookies + description: "" + operationId: "ascanViewOptionShowAdvancedDialog" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionHandleODataParametersVisited/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionTargetParamsEnabledRPC/: get: - description: >- - - operationId: spiderActionSetOptionHandleODataParametersVisited + description: "" + operationId: "ascanViewOptionTargetParamsEnabledRPC" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionMaxChildren/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionTargetParamsInjectable/: get: - description: >- - Sets the maximum number of child nodes (per node) that can be crawled, 0 means no limit. - operationId: spiderActionSetOptionMaxChildren + description: "" + operationId: "ascanViewOptionTargetParamsInjectable" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionMaxDepth/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/optionThreadPerHost/: get: - description: >- - Sets the maximum depth the spider can crawl, 0 for unlimited depth. - operationId: spiderActionSetOptionMaxDepth + description: "" + operationId: "ascanViewOptionThreadPerHost" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionMaxDuration/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/policies/: get: - description: >- - - operationId: spiderActionSetOptionMaxDuration + description: "" + operationId: "ascanViewPolicies" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionMaxParseSizeBytes/: + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + - name: "policyId" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/view/scanPolicyNames/: get: - description: >- - Sets the maximum size, in bytes, that a response might have to be parsed. This allows the spider to skip big responses/files. - operationId: spiderActionSetOptionMaxParseSizeBytes + description: "" + operationId: "ascanViewScanPolicyNames" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionMaxScansInUI/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/scanProgress/: get: - description: >- - - operationId: spiderActionSetOptionMaxScansInUI + description: "" + operationId: "ascanViewScanProgress" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionParseComments/: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/view/scanners/: get: - description: >- - - operationId: spiderActionSetOptionParseComments + description: "Gets the scan rules, optionally, of the given scan policy or scanner\ + \ policy/category ID." + operationId: "ascanViewScanners" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionParseGit/: + - name: "scanPolicyName" + in: "query" + description: "" + schema: + type: "string" + - name: "policyId" + in: "query" + description: "" + schema: + type: "string" + /JSON/ascan/view/scans/: get: - description: >- - - operationId: spiderActionSetOptionParseGit + description: "" + operationId: "ascanViewScans" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionParseRobotsTxt/: + $ref: "#/components/responses/ErrorJson" + /JSON/ascan/view/status/: get: - description: >- - - operationId: spiderActionSetOptionParseRobotsTxt + description: "" + operationId: "ascanViewStatus" tags: - - spider + - "ascan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionParseSVNEntries/: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/authentication/action/setAuthenticationMethod/: + get: + description: "Sets the authentication method for the context with the given\ + \ ID." + operationId: "authenticationActionSetAuthenticationMethod" + tags: + - "authentication" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "authMethodName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "authMethodConfigParams" + in: "query" + description: "" + schema: + type: "string" + /JSON/authentication/action/setLoggedInIndicator/: get: - description: >- - - operationId: spiderActionSetOptionParseSVNEntries + description: "Sets the logged in indicator for the context with the given ID." + operationId: "authenticationActionSetLoggedInIndicator" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionParseSitemapXml/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "loggedInIndicatorRegex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/action/setLoggedOutIndicator/: get: - description: >- - - operationId: spiderActionSetOptionParseSitemapXml + description: "Sets the logged out indicator for the context with the given ID." + operationId: "authenticationActionSetLoggedOutIndicator" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionPostForm/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "loggedOutIndicatorRegex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/view/getAuthenticationMethod/: get: - description: >- - - operationId: spiderActionSetOptionPostForm + description: "Gets the name of the authentication method for the context with\ + \ the given ID." + operationId: "authenticationViewGetAuthenticationMethod" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionProcessForm/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/view/getAuthenticationMethodConfigParams/: get: - description: >- - - operationId: spiderActionSetOptionProcessForm + description: "Gets the configuration parameters for the authentication method\ + \ with the given name." + operationId: "authenticationViewGetAuthenticationMethodConfigParams" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionRequestWaitTime/: + - name: "authMethodName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/view/getLoggedInIndicator/: get: - description: >- - - operationId: spiderActionSetOptionRequestWaitTime + description: "Gets the logged in indicator for the context with the given ID." + operationId: "authenticationViewGetLoggedInIndicator" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/spider/action/setOptionSendRefererHeader/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/view/getLoggedOutIndicator/: get: - description: >- - Sets whether or not the 'Referer' header should be sent while spidering. - operationId: spiderActionSetOptionSendRefererHeader + description: "Gets the logged out indicator for the context with the given ID." + operationId: "authenticationViewGetLoggedOutIndicator" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionShowAdvancedDialog/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/authentication/view/getSupportedAuthenticationMethods/: get: - description: >- - - operationId: spiderActionSetOptionShowAdvancedDialog + description: "Gets the name of the authentication methods." + operationId: "authenticationViewGetSupportedAuthenticationMethods" tags: - - spider + - "authentication" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/spider/action/setOptionThreadCount/: + $ref: "#/components/responses/ErrorJson" + /JSON/authorization/action/setBasicAuthorizationDetectionMethod/: + get: + description: "Sets the authorization detection method for a context as one that\ + \ identifies un-authorized messages based on: the message's status code or\ + \ a regex pattern in the response's header or body. Also, whether all conditions\ + \ must match or just some can be specified via the logicalOperator parameter,\ + \ which accepts two values: \"AND\" (default), \"OR\". " + operationId: "authorizationActionSetBasicAuthorizationDetectionMethod" + tags: + - "authorization" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "headerRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "bodyRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "statusCode" + in: "query" + description: "" + schema: + type: "string" + - name: "logicalOperator" + in: "query" + description: "" + schema: + type: "string" + /JSON/authorization/view/getAuthorizationDetectionMethod/: get: - description: >- - - operationId: spiderActionSetOptionThreadCount + description: "Obtains all the configuration of the authorization detection method\ + \ that is currently set for a context." + operationId: "authorizationViewGetAuthorizationDetectionMethod" tags: - - spider + - "authorization" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/view/hosts/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/automation/action/endDelayJob/: get: - description: >- - Gets the name of the hosts accessed through/by ZAP - operationId: coreViewHosts + description: "" + operationId: "automationActionEndDelayJob" tags: - - core + - "automation" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/sites/: + $ref: "#/components/responses/ErrorJson" + /JSON/automation/action/runPlan/: get: - description: >- - Gets the sites accessed through/by ZAP (scheme and domain) - operationId: coreViewSites + description: "" + operationId: "automationActionRunPlan" tags: - - core + - "automation" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/urls/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/automation/view/planProgress/: get: - description: >- - Gets the URLs accessed through/by ZAP, optionally filtering by (base) URL. - operationId: coreViewUrls + description: "" + operationId: "automationViewPlanProgress" tags: - - core + - "automation" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/childNodes/: + - name: "planId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/autoupdate/action/downloadLatestRelease/: get: - description: >- - Gets the child nodes underneath the specified URL in the Sites tree - operationId: coreViewChildNodes + description: "Downloads the latest release, if any " + operationId: "autoupdateActionDownloadLatestRelease" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/message/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/action/installAddon/: get: - description: >- - Gets the HTTP message with the given ID. Returns the ID, request/response headers and bodies, cookies, note, type, RTT, and timestamp. - operationId: coreViewMessage + description: "Installs or updates the specified add-on, returning when complete\ + \ (i.e. not asynchronously)" + operationId: "autoupdateActionInstallAddon" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/view/messages/: - get: - description: >- - Gets the HTTP messages sent by ZAP, request and response, optionally filtered by URL and paginated with 'start' position and 'count' of messages - operationId: coreViewMessages - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/core/view/messagesById/: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/autoupdate/action/installLocalAddon/: get: - description: >- - Gets the HTTP messages with the given IDs. - operationId: coreViewMessagesById + description: "" + operationId: "autoupdateActionInstallLocalAddon" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/numberOfMessages/: + - name: "file" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/autoupdate/action/setOptionCheckAddonUpdates/: get: - description: >- - Gets the number of messages, optionally filtering by URL - operationId: coreViewNumberOfMessages + description: "" + operationId: "autoupdateActionSetOptionCheckAddonUpdates" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/mode/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionCheckOnStart/: get: - description: >- - Gets the mode - operationId: coreViewMode + description: "" + operationId: "autoupdateActionSetOptionCheckOnStart" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/version/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionDownloadNewRelease/: get: - description: >- - Gets ZAP version - operationId: coreViewVersion + description: "" + operationId: "autoupdateActionSetOptionDownloadNewRelease" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/excludedFromProxy/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionInstallAddonUpdates/: get: - description: >- - Gets the regular expressions, applied to URLs, to exclude from the local proxies. - operationId: coreViewExcludedFromProxy + description: "" + operationId: "autoupdateActionSetOptionInstallAddonUpdates" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/homeDirectory/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionInstallScannerRules/: get: - description: >- - - operationId: coreViewHomeDirectory + description: "" + operationId: "autoupdateActionSetOptionInstallScannerRules" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/sessionLocation/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionReportAlphaAddons/: get: - description: >- - Gets the location of the current session file - operationId: coreViewSessionLocation + description: "" + operationId: "autoupdateActionSetOptionReportAlphaAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/proxyChainExcludedDomains/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionReportBetaAddons/: get: - description: >- - Gets all the domains that are excluded from the outgoing proxy. For each domain the following are shown: the index, the value (domain), if enabled, and if specified as a regex. - operationId: coreViewProxyChainExcludedDomains + description: "" + operationId: "autoupdateActionSetOptionReportBetaAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainSkipName/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/setOptionReportReleaseAddons/: get: - description: >- - Use view proxyChainExcludedDomains instead. - deprecated: true - operationId: coreViewOptionProxyChainSkipName + description: "" + operationId: "autoupdateActionSetOptionReportReleaseAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyExcludedDomains/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/autoupdate/action/uninstallAddon/: get: - description: >- - Use view proxyChainExcludedDomains instead. - deprecated: true - operationId: coreViewOptionProxyExcludedDomains + description: "Uninstalls the specified add-on " + operationId: "autoupdateActionUninstallAddon" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyExcludedDomainsEnabled/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/autoupdate/view/installedAddons/: get: - description: >- - Use view proxyChainExcludedDomains instead. - deprecated: true - operationId: coreViewOptionProxyExcludedDomainsEnabled + description: "Return a list of all of the installed add-ons" + operationId: "autoupdateViewInstalledAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/zapHomePath/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/isLatestVersion/: get: - description: >- - Gets the path to ZAP's home directory. - operationId: coreViewZapHomePath + description: "Returns 'true' if ZAP is on the latest version" + operationId: "autoupdateViewIsLatestVersion" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionMaximumAlertInstances/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/latestVersionNumber/: get: - description: >- - Gets the maximum number of alert instances to include in a report. - operationId: coreViewOptionMaximumAlertInstances + description: "Returns the latest version number" + operationId: "autoupdateViewLatestVersionNumber" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionMergeRelatedAlerts/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/localAddons/: get: - description: >- - Gets whether or not related alerts will be merged in any reports generated. - operationId: coreViewOptionMergeRelatedAlerts + description: "Returns a list with all local add-ons, installed or not." + operationId: "autoupdateViewLocalAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionAlertOverridesFilePath/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/marketplaceAddons/: get: - description: >- - Gets the path to the file with alert overrides. - operationId: coreViewOptionAlertOverridesFilePath + description: "Return a list of all of the add-ons on the ZAP Marketplace (this\ + \ information is read once and then cached)" + operationId: "autoupdateViewMarketplaceAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/alert/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/newAddons/: get: - description: >- - Gets the alert with the given ID, the corresponding HTTP message can be obtained with the 'messageId' field and 'message' API method - deprecated: true - operationId: coreViewAlert + description: "Return a list of any add-ons that have been added to the Marketplace\ + \ since the last check for updates" + operationId: "autoupdateViewNewAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/view/alerts/: - get: - description: >- - Gets the alerts raised by ZAP, optionally filtering by URL or riskId, and paginating with 'start' position and 'count' of alerts - deprecated: true - operationId: coreViewAlerts - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: riskId - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/alertsSummary/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionAddonDirectories/: get: - description: >- - Gets number of alerts grouped by each risk level, optionally filtering by URL - deprecated: true - operationId: coreViewAlertsSummary + description: "" + operationId: "autoupdateViewOptionAddonDirectories" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/numberOfAlerts/: - get: - description: >- - Gets the number of alerts, optionally filtering by URL or riskId - deprecated: true - operationId: coreViewNumberOfAlerts - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: riskId - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/view/optionDefaultUserAgent/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionCheckAddonUpdates/: get: - description: >- - Gets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). - operationId: coreViewOptionDefaultUserAgent + description: "" + operationId: "autoupdateViewOptionCheckAddonUpdates" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionDnsTtlSuccessfulQueries/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionCheckOnStart/: get: - description: >- - Gets the TTL (in seconds) of successful DNS queries. - operationId: coreViewOptionDnsTtlSuccessfulQueries + description: "" + operationId: "autoupdateViewOptionCheckOnStart" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionHttpState/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionDayLastChecked/: get: - description: >- - - operationId: coreViewOptionHttpState + description: "" + operationId: "autoupdateViewOptionDayLastChecked" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainName/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionDayLastInstallWarned/: get: - description: >- - - operationId: coreViewOptionProxyChainName + description: "" + operationId: "autoupdateViewOptionDayLastInstallWarned" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainPassword/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionDayLastUpdateWarned/: get: - description: >- - - operationId: coreViewOptionProxyChainPassword + description: "" + operationId: "autoupdateViewOptionDayLastUpdateWarned" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainPort/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionDownloadDirectory/: get: - description: >- - - operationId: coreViewOptionProxyChainPort + description: "" + operationId: "autoupdateViewOptionDownloadDirectory" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainRealm/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionDownloadNewRelease/: get: - description: >- - - operationId: coreViewOptionProxyChainRealm + description: "" + operationId: "autoupdateViewOptionDownloadNewRelease" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainUserName/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionInstallAddonUpdates/: get: - description: >- - - operationId: coreViewOptionProxyChainUserName + description: "" + operationId: "autoupdateViewOptionInstallAddonUpdates" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionTimeoutInSecs/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionInstallScannerRules/: get: - description: >- - Gets the connection time out, in seconds. - operationId: coreViewOptionTimeoutInSecs + description: "" + operationId: "autoupdateViewOptionInstallScannerRules" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionHttpStateEnabled/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionReportAlphaAddons/: get: - description: >- - - operationId: coreViewOptionHttpStateEnabled + description: "" + operationId: "autoupdateViewOptionReportAlphaAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionProxyChainPrompt/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionReportBetaAddons/: get: - description: >- - - operationId: coreViewOptionProxyChainPrompt + description: "" + operationId: "autoupdateViewOptionReportBetaAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionSingleCookieRequestHeader/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/optionReportReleaseAddons/: get: - description: >- - - operationId: coreViewOptionSingleCookieRequestHeader + description: "" + operationId: "autoupdateViewOptionReportReleaseAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionUseProxyChain/: + $ref: "#/components/responses/ErrorJson" + /JSON/autoupdate/view/updatedAddons/: get: - description: >- - - operationId: coreViewOptionUseProxyChain + description: "Return a list of any add-ons that have been changed in the Marketplace\ + \ since the last check for updates" + operationId: "autoupdateViewUpdatedAddons" tags: - - core + - "autoupdate" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/view/optionUseProxyChainAuth/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/action/addHttpBreakpoint/: + get: + description: "Adds a custom HTTP breakpoint. The string is the string to match.\ + \ Location may be one of: url, request_header, request_body, response_header\ + \ or response_body. Match may be: contains or regex. Inverse (match) may be\ + \ true or false. Lastly, ignorecase (when matching the string) may be true\ + \ or false. " + operationId: "breakActionAddHttpBreakpoint" + tags: + - "break" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "string" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "location" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "match" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "inverse" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "ignorecase" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/break/action/break/: + get: + description: "Controls the global break functionality. The type may be one of:\ + \ http-all, http-request or http-response. The state may be true (for turning\ + \ break on for the specified type) or false (for turning break off). Scope\ + \ is not currently used." + operationId: "breakActionBreak" + tags: + - "break" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "type" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "state" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scope" + in: "query" + description: "" + schema: + type: "string" + /JSON/break/action/continue/: get: - description: >- - - operationId: coreViewOptionUseProxyChainAuth + description: "Submits the currently intercepted message and unsets the global\ + \ request/response breakpoints" + operationId: "breakActionContinue" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/accessUrl/: - get: - description: >- - Convenient and simple action to access a URL, optionally following redirections. Returns the request sent and response received and followed redirections, if any. Other actions are available which offer more control on what is sent, like, 'sendRequest' or 'sendHarRequest'. - operationId: coreActionAccessUrl - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: followRedirects - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/shutdown/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/action/drop/: get: - description: >- - Shuts down ZAP - operationId: coreActionShutdown + description: "Drops the currently intercepted message" + operationId: "breakActionDrop" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/newSession/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/action/removeHttpBreakpoint/: get: - description: >- - Creates a new session, optionally overwriting existing files. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. - operationId: coreActionNewSession - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: name - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: overwrite - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/loadSession/: + description: "Removes the specified breakpoint" + operationId: "breakActionRemoveHttpBreakpoint" + tags: + - "break" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "string" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "location" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "match" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "inverse" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "ignorecase" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/break/action/setHttpMessage/: get: - description: >- - Loads the session with the given name. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. - operationId: coreActionLoadSession + description: "Overwrites the currently intercepted message with the data provided" + operationId: "breakActionSetHttpMessage" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: name - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/saveSession/: - get: - description: >- - Saves the session with the name supplied, optionally overwriting existing files. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. - operationId: coreActionSaveSession - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: name - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: overwrite - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/snapshotSession/: - get: - description: >- - Snapshots the session, optionally with the given name, and overwriting existing files. If no name is specified the name of the current session with a timestamp appended is used. If a relative path is specified it will be resolved against the "session" directory in ZAP "home" dir. - operationId: coreActionSnapshotSession - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: name - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: overwrite - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/clearExcludedFromProxy/: + - name: "httpHeader" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "httpBody" + in: "query" + description: "" + schema: + type: "string" + /JSON/break/action/step/: get: - description: >- - Clears the regexes of URLs excluded from the local proxies. - operationId: coreActionClearExcludedFromProxy + description: "Submits the currently intercepted message, the next request or\ + \ response will automatically be intercepted" + operationId: "breakActionStep" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/excludeFromProxy/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/view/httpMessage/: get: - description: >- - Adds a regex of URLs that should be excluded from the local proxies. - operationId: coreActionExcludeFromProxy + description: "Returns the HTTP message currently intercepted (if any)" + operationId: "breakViewHttpMessage" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setHomeDirectory/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/view/isBreakAll/: get: - description: >- - - operationId: coreActionSetHomeDirectory + description: "Returns True if ZAP will break on both requests and responses" + operationId: "breakViewIsBreakAll" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: dir - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setMode/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/view/isBreakRequest/: get: - description: >- - Sets the mode, which may be one of [safe, protect, standard, attack] - operationId: coreActionSetMode + description: "Returns True if ZAP will break on requests" + operationId: "breakViewIsBreakRequest" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: mode - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/generateRootCA/: + $ref: "#/components/responses/ErrorJson" + /JSON/break/view/isBreakResponse/: get: - description: >- - Generates a new Root CA certificate for the local proxies. - operationId: coreActionGenerateRootCA + description: "Returns True if ZAP will break on responses" + operationId: "breakViewIsBreakResponse" tags: - - core + - "break" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/sendRequest/: - get: - description: >- - Sends the HTTP request, optionally following redirections. Returns the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. - operationId: coreActionSendRequest - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: request - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: followRedirects - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/runGarbageCollection/: + $ref: "#/components/responses/ErrorJson" + /JSON/client/action/reportEvent/: get: - description: >- - - operationId: coreActionRunGarbageCollection + description: "" + operationId: "clientActionReportEvent" tags: - - core + - "client" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/deleteSiteNode/: - get: - description: >- - Deletes the site node found in the Sites Tree on the basis of the URL, HTTP method, and post data (if applicable and specified). - operationId: coreActionDeleteSiteNode - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: method - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: postData - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/addProxyChainExcludedDomain/: - get: - description: >- - Adds a domain to be excluded from the outgoing proxy, using the specified value. Optionally sets if the new entry is enabled (default, true) and whether or not the new value is specified as a regex (default, false). - operationId: coreActionAddProxyChainExcludedDomain - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: value - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: isRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: isEnabled - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/modifyProxyChainExcludedDomain/: - get: - description: >- - Modifies a domain excluded from the outgoing proxy. Allows to modify the value, if enabled or if a regex. The domain is selected with its index, which can be obtained with the view proxyChainExcludedDomains. - operationId: coreActionModifyProxyChainExcludedDomain - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: value - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: isRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: isEnabled - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/removeProxyChainExcludedDomain/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "eventJson" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/client/action/reportObject/: get: - description: >- - Removes a domain excluded from the outgoing proxy, with the given index. The index can be obtained with the view proxyChainExcludedDomains. - operationId: coreActionRemoveProxyChainExcludedDomain + description: "" + operationId: "clientActionReportObject" tags: - - core + - "client" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/action/enableAllProxyChainExcludedDomains/: + - name: "objectJson" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/client/action/reportZestScript/: + get: + description: "" + operationId: "clientActionReportZestScript" + tags: + - "client" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptJson" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/client/action/reportZestStatement/: + get: + description: "" + operationId: "clientActionReportZestStatement" + tags: + - "client" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "statementJson" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/codedx/action/generateAndUpload/: + get: + description: "" + operationId: "codedxActionGenerateAndUpload" + tags: + - "codedx" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "serverUrl" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "codeDxApiKey" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "projectId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "fingerprint" + in: "query" + description: "" + schema: + type: "string" + - name: "acceptPermanently" + in: "query" + description: "" + schema: + type: "string" + /JSON/codedx/action/uploadReport/: + get: + description: "" + operationId: "codedxActionUploadReport" + tags: + - "codedx" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "serverUrl" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "codeDxApiKey" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "projectId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "fingerprint" + in: "query" + description: "" + schema: + type: "string" + - name: "acceptPermanently" + in: "query" + description: "" + schema: + type: "string" + /JSON/codedx/view/generateReport/: + get: + description: "" + operationId: "codedxViewGenerateReport" + tags: + - "codedx" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/context/action/excludeAllContextTechnologies/: get: - description: >- - Enables all domains excluded from the outgoing proxy. - operationId: coreActionEnableAllProxyChainExcludedDomains + description: "Excludes all built in technologies from a context" + operationId: "contextActionExcludeAllContextTechnologies" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/disableAllProxyChainExcludedDomains/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/action/excludeContextTechnologies/: get: - description: >- - Disables all domains excluded from the outgoing proxy. - operationId: coreActionDisableAllProxyChainExcludedDomains + description: "Excludes technologies with the given names, separated by a comma,\ + \ from a context" + operationId: "contextActionExcludeContextTechnologies" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/setOptionMaximumAlertInstances/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "technologyNames" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/excludeFromContext/: get: - description: >- - Sets the maximum number of alert instances to include in a report. A value of zero is treated as unlimited. - operationId: coreActionSetOptionMaximumAlertInstances + description: "Add exclude regex to context" + operationId: "contextActionExcludeFromContext" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: numberOfInstances - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/action/setOptionMergeRelatedAlerts/: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/exportContext/: get: - description: >- - Sets whether or not related alerts will be merged in any reports generated. - operationId: coreActionSetOptionMergeRelatedAlerts + description: "Exports the context with the given name to a file. If a relative\ + \ file path is specified it will be resolved against the \"contexts\" directory\ + \ in ZAP \"home\" dir." + operationId: "contextActionExportContext" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: enabled - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/core/action/setOptionAlertOverridesFilePath/: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "contextFile" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/importContext/: get: - description: >- - Sets (or clears, if empty) the path to the file with alert overrides. - operationId: coreActionSetOptionAlertOverridesFilePath + description: "Imports a context from a file. If a relative file path is specified\ + \ it will be resolved against the \"contexts\" directory in ZAP \"home\" dir." + operationId: "contextActionImportContext" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: filePath - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/enablePKCS12ClientCertificate/: - get: - description: >- - Enables use of a PKCS12 client certificate for the certificate with the given file system path, password, and optional index. - operationId: coreActionEnablePKCS12ClientCertificate - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: filePath - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: password - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: index - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/disableClientCertificate/: + - name: "contextFile" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/includeAllContextTechnologies/: get: - description: >- - Disables the option for use of client certificates. - operationId: coreActionDisableClientCertificate + description: "Includes all built in technologies in to a context" + operationId: "contextActionIncludeAllContextTechnologies" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/deleteAllAlerts/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/action/includeContextTechnologies/: get: - description: >- - Deletes all alerts of the current session. - deprecated: true - operationId: coreActionDeleteAllAlerts + description: "Includes technologies with the given names, separated by a comma,\ + \ to a context" + operationId: "contextActionIncludeContextTechnologies" tags: - - core + - "context" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/core/action/deleteAlert/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "technologyNames" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/includeInContext/: + get: + description: "Add include regex to context" + operationId: "contextActionIncludeInContext" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/newContext/: + get: + description: "Creates a new context with the given name in the current session" + operationId: "contextActionNewContext" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/action/removeContext/: + get: + description: "Removes a context in the current session" + operationId: "contextActionRemoveContext" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/action/setContextCheckingStrategy/: + get: + description: "Set the checking strategy for a context - this defines how ZAP\ + \ checks that a request is authenticated" + operationId: "contextActionSetContextCheckingStrategy" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "checkingStrategy" + in: "query" + required: true + description: "One of EACH_RESP, EACH_REQ, EACH_REQ_RESP, POLL_URL" + schema: + type: "string" + - name: "pollUrl" + in: "query" + description: "The URL for ZAP to poll, must be supplied if checkingStrategy\ + \ = POLL_URL, otherwise ignored" + schema: + type: "string" + - name: "pollData" + in: "query" + description: "The POST data to supply to the pollUrl, option and only takes\ + \ effect if checkingStrategy = POLL_URL" + schema: + type: "string" + - name: "pollHeaders" + in: "query" + description: "Any additional headers that need to be added to the poll request,\ + \ separated by '\\n' characters, only takes effect if checkingStrategy = POLL_URL" + schema: + type: "string" + - name: "pollFrequency" + in: "query" + description: "An integer greater than zero, must be supplied if checkingStrategy\ + \ = POLL_URL, otherwise ignored" + schema: + type: "string" + - name: "pollFrequencyUnits" + in: "query" + description: "One of REQUESTS, SECONDS, must be supplied if checkingStrategy\ + \ = POLL_URL, otherwise ignored" + schema: + type: "string" + /JSON/context/action/setContextInScope/: + get: + description: "Sets a context to in scope (contexts are in scope by default)" + operationId: "contextActionSetContextInScope" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "booleanInScope" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/action/setContextRegexs/: + get: + description: "Set the regexs to include and exclude for a context, both supplied\ + \ as JSON string arrays" + operationId: "contextActionSetContextRegexs" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + - name: "incRegexs" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "excRegexs" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/context/view/context/: + get: + description: "List the information about the named context" + operationId: "contextViewContext" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/view/contextList/: + get: + description: "List context names of current session" + operationId: "contextViewContextList" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/context/view/excludeRegexs/: + get: + description: "List excluded regexs for context" + operationId: "contextViewExcludeRegexs" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/view/excludedTechnologyList/: + get: + description: "Lists the names of all technologies excluded from a context" + operationId: "contextViewExcludedTechnologyList" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/view/includeRegexs/: + get: + description: "List included regexs for context" + operationId: "contextViewIncludeRegexs" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/view/includedTechnologyList/: + get: + description: "Lists the names of all technologies included in a context" + operationId: "contextViewIncludedTechnologyList" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/context/view/technologyList/: + get: + description: "Lists the names of all built in technologies" + operationId: "contextViewTechnologyList" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/context/view/urls/: + get: + description: "Lists the URLs accessed through/by ZAP, that belong to the context\ + \ with the given name." + operationId: "contextViewUrls" + tags: + - "context" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextName" + in: "query" + required: true + description: "The name of the context" + schema: + type: "string" + /JSON/core/action/accessUrl/: + get: + description: "Convenient and simple action to access a URL, optionally following\ + \ redirections. Returns the request sent and response received and followed\ + \ redirections, if any. Other actions are available which offer more control\ + \ on what is sent, like, 'sendRequest' or 'sendHarRequest'." + operationId: "coreActionAccessUrl" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "followRedirects" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/addProxyChainExcludedDomain/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionAddProxyChainExcludedDomain" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "value" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "isRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "isEnabled" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/clearExcludedFromProxy/: + get: + description: "Clears the regexes of URLs excluded from the local proxies." + operationId: "coreActionClearExcludedFromProxy" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/deleteAlert/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreActionDeleteAlert" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/deleteAllAlerts/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreActionDeleteAllAlerts" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/deleteSiteNode/: + get: + description: "Deletes the site node found in the Sites Tree on the basis of\ + \ the URL, HTTP method, and post data (if applicable and specified). " + operationId: "coreActionDeleteSiteNode" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "method" + in: "query" + description: "" + schema: + type: "string" + - name: "postData" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/disableAllProxyChainExcludedDomains/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionDisableAllProxyChainExcludedDomains" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/disableClientCertificate/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionDisableClientCertificate" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/enableAllProxyChainExcludedDomains/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionEnableAllProxyChainExcludedDomains" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/enablePKCS12ClientCertificate/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionEnablePKCS12ClientCertificate" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "password" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "index" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/excludeFromProxy/: + get: + description: "Adds a regex of URLs that should be excluded from the local proxies." + operationId: "coreActionExcludeFromProxy" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/generateRootCA/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionGenerateRootCA" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/loadSession/: + get: + description: "Loads the session with the given name. If a relative path is specified\ + \ it will be resolved against the \"session\" directory in ZAP \"home\" dir." + operationId: "coreActionLoadSession" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/modifyProxyChainExcludedDomain/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionModifyProxyChainExcludedDomain" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "value" + in: "query" + description: "" + schema: + type: "string" + - name: "isRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "isEnabled" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/newSession/: + get: + description: "Creates a new session, optionally overwriting existing files.\ + \ If a relative path is specified it will be resolved against the \"session\"\ + \ directory in ZAP \"home\" dir." + operationId: "coreActionNewSession" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + description: "" + schema: + type: "string" + - name: "overwrite" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/removeProxyChainExcludedDomain/: get: - description: >- - Deletes the alert with the given ID. + description: "Use the API endpoints in the 'network' component instead." deprecated: true - operationId: coreActionDeleteAlert + operationId: "coreActionRemoveProxyChainExcludedDomain" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/runGarbageCollection/: + get: + description: "" + operationId: "coreActionRunGarbageCollection" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/saveSession/: + get: + description: "Saves the session." + operationId: "coreActionSaveSession" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "The name (or path) of the session. If a relative path is specified\ + \ it will be resolved against the \"session\" directory in ZAP \"home\" dir." + schema: + type: "string" + - name: "overwrite" + in: "query" + description: "If existing files should be overwritten, attempting to overwrite\ + \ the files of the session already in use/saved will lead to an error (\"\ + already_exists\")." + schema: + type: "string" + /JSON/core/action/sendRequest/: + get: + description: "Sends the HTTP request, optionally following redirections. Returns\ + \ the request sent and response received and followed redirections, if any.\ + \ The Mode is enforced when sending the request (and following redirections),\ + \ custom manual requests are not allowed in 'Safe' mode nor in 'Protected'\ + \ mode if out of scope." + operationId: "coreActionSendRequest" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "request" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "followRedirects" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/action/setHomeDirectory/: + get: + description: "" + operationId: "coreActionSetHomeDirectory" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "dir" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setMode/: + get: + description: "Sets the mode, which may be one of [safe, protect, standard, attack]" + operationId: "coreActionSetMode" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "mode" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setOptionAlertOverridesFilePath/: + get: + description: "Sets (or clears, if empty) the path to the file with alert overrides." + operationId: "coreActionSetOptionAlertOverridesFilePath" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer + - name: "filePath" + in: "query" + description: "" + schema: + type: "string" /JSON/core/action/setOptionDefaultUserAgent/: get: - description: >- - Sets the user agent that ZAP should use when creating HTTP messages (for example, spider messages or CONNECT requests to outgoing proxy). - operationId: coreActionSetOptionDefaultUserAgent + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionDefaultUserAgent" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setOptionDnsTtlSuccessfulQueries/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionDnsTtlSuccessfulQueries" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/core/action/setOptionHttpStateEnabled/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionHttpStateEnabled" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/core/action/setOptionMaximumAlertInstances/: + get: + description: "Sets the maximum number of alert instances to include in a report.\ + \ A value of zero is treated as unlimited." + operationId: "coreActionSetOptionMaximumAlertInstances" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "numberOfInstances" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setOptionMergeRelatedAlerts/: + get: + description: "Sets whether or not related alerts will be merged in any reports\ + \ generated." + operationId: "coreActionSetOptionMergeRelatedAlerts" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string + - name: "enabled" + in: "query" + required: true + description: "" + schema: + type: "string" /JSON/core/action/setOptionProxyChainName/: get: - description: >- - - operationId: coreActionSetOptionProxyChainName + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainName" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" /JSON/core/action/setOptionProxyChainPassword/: get: - description: >- - - operationId: coreActionSetOptionProxyChainPassword + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainPassword" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setOptionProxyChainPort/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainPort" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/core/action/setOptionProxyChainPrompt/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainPrompt" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" /JSON/core/action/setOptionProxyChainRealm/: get: - description: >- - - operationId: coreActionSetOptionProxyChainRealm + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainRealm" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" /JSON/core/action/setOptionProxyChainSkipName/: get: - description: >- - Use actions [add|modify|remove]ProxyChainExcludedDomain instead. - operationId: coreActionSetOptionProxyChainSkipName + description: "Option no longer in effective use." + deprecated: true + operationId: "coreActionSetOptionProxyChainSkipName" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" /JSON/core/action/setOptionProxyChainUserName/: get: - description: >- - - operationId: coreActionSetOptionProxyChainUserName + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionProxyChainUserName" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/action/setOptionSingleCookieRequestHeader/: + get: + description: "Option no longer in effective use." + deprecated: true + operationId: "coreActionSetOptionSingleCookieRequestHeader" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setOptionDnsTtlSuccessfulQueries/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/core/action/setOptionTimeoutInSecs/: get: - description: >- - Sets the TTL (in seconds) of successful DNS queries (applies after ZAP restart). - operationId: coreActionSetOptionDnsTtlSuccessfulQueries + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionTimeoutInSecs" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/action/setOptionHttpStateEnabled/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/core/action/setOptionUseProxyChain/: get: - description: >- - - operationId: coreActionSetOptionHttpStateEnabled + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionUseProxyChain" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setOptionProxyChainPort/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/core/action/setOptionUseProxyChainAuth/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionUseProxyChainAuth" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/core/action/setOptionUseSocksProxy/: get: - description: >- - - operationId: coreActionSetOptionProxyChainPort + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreActionSetOptionUseSocksProxy" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/action/setOptionProxyChainPrompt/: + - name: "Boolean" + in: "query" + required: true + description: "true if the SOCKS proxy should be used, false otherwise." + schema: + type: "boolean" + /JSON/core/action/shutdown/: get: - description: >- - - operationId: coreActionSetOptionProxyChainPrompt + description: "Shuts down ZAP" + operationId: "coreActionShutdown" tags: - - core + - "core" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" + /JSON/core/action/snapshotSession/: + get: + description: "Snapshots the session, optionally with the given name, and overwriting\ + \ existing files. If no name is specified the name of the current session\ + \ with a timestamp appended is used. If a relative path is specified it will\ + \ be resolved against the \"session\" directory in ZAP \"home\" dir." + operationId: "coreActionSnapshotSession" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setOptionSingleCookieRequestHeader/: + - name: "name" + in: "query" + description: "" + schema: + type: "string" + - name: "overwrite" + in: "query" + description: "" + schema: + type: "string" + /OTHER/core/other/fileDownload/: + get: + description: "Download a file from the transfer directory" + operationId: "coreOtherFileDownload" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "fileName" + in: "query" + required: true + description: "The name of the file, may include subdirectories" + schema: + type: "string" + /OTHER/core/other/fileUpload/: + get: + description: "Upload a file to the transfer directory. Only POST requests accepted\ + \ with encodings of \"multipart/form-data\" or \"application/x-www-form-urlencoded\"\ + ." + operationId: "coreOtherFileUpload" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "fileName" + in: "query" + required: true + description: "The name of the file, may include subdirectories." + schema: + type: "string" + - name: "fileContents" + in: "query" + required: true + description: "The contents of the file." + schema: + type: "string" + /OTHER/core/other/htmlreport/: + get: + description: "Use the 'generate' API endpoint the 'reports' component instead." + deprecated: true + operationId: "coreOtherHtmlreport" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/core/other/jsonreport/: + get: + description: "Use the 'generate' API endpoint the 'reports' component instead." + deprecated: true + operationId: "coreOtherJsonreport" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/core/other/mdreport/: + get: + description: "Use the 'generate' API endpoint the 'reports' component instead." + deprecated: true + operationId: "coreOtherMdreport" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/core/other/messageHar/: + get: + description: "Use the API endpoints in the 'exim' add-on instead." + deprecated: true + operationId: "coreOtherMessageHar" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/core/other/messagesHar/: + get: + description: "Use the API endpoints in the 'exim' add-on instead." + deprecated: true + operationId: "coreOtherMessagesHar" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "baseurl" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /OTHER/core/other/messagesHarById/: + get: + description: "Use the API endpoints in the 'exim' add-on instead." + deprecated: true + operationId: "coreOtherMessagesHarById" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/core/other/proxy.pac/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreOtherProxy.pac" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/core/other/rootcert/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreOtherRootcert" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/core/other/sendHarRequest/: + get: + description: "Use the API endpoints in the 'exim' add-on instead." + deprecated: true + operationId: "coreOtherSendHarRequest" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "request" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "followRedirects" + in: "query" + description: "" + schema: + type: "string" + /OTHER/core/other/setproxy/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreOtherSetproxy" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "proxy" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/core/other/xmlreport/: + get: + description: "Use the 'generate' API endpoint the 'reports' component instead." + deprecated: true + operationId: "coreOtherXmlreport" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /JSON/core/view/alert/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreViewAlert" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/view/alerts/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreViewAlerts" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + - name: "riskId" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/view/alertsSummary/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreViewAlertsSummary" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + /JSON/core/view/childNodes/: + get: + description: "Gets the child nodes underneath the specified URL in the Sites\ + \ tree" + operationId: "coreViewChildNodes" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/view/excludedFromProxy/: + get: + description: "Gets the regular expressions, applied to URLs, to exclude from\ + \ the local proxies." + operationId: "coreViewExcludedFromProxy" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/homeDirectory/: + get: + description: "" + deprecated: true + operationId: "coreViewHomeDirectory" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/hosts/: + get: + description: "Gets the name of the hosts accessed through/by ZAP" + operationId: "coreViewHosts" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/message/: + get: + description: "Gets the HTTP message with the given ID. Returns the ID, request/response\ + \ headers and bodies, cookies, note, type, RTT, and timestamp." + operationId: "coreViewMessage" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/view/messages/: + get: + description: "Gets the HTTP messages sent by ZAP, request and response, optionally\ + \ filtered by URL and paginated with 'start' position and 'count' of messages" + operationId: "coreViewMessages" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/view/messagesById/: + get: + description: "Gets the HTTP messages with the given IDs." + operationId: "coreViewMessagesById" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/core/view/mode/: + get: + description: "Gets the mode" + operationId: "coreViewMode" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/numberOfAlerts/: + get: + description: "Use the API endpoint with the same name in the 'alert' component\ + \ instead." + deprecated: true + operationId: "coreViewNumberOfAlerts" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which alerts should be\ + \ included." + schema: + type: "string" + - name: "riskId" + in: "query" + description: "" + schema: + type: "string" + /JSON/core/view/numberOfMessages/: + get: + description: "Gets the number of messages, optionally filtering by URL" + operationId: "coreViewNumberOfMessages" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + /JSON/core/view/optionAlertOverridesFilePath/: + get: + description: "Gets the path to the file with alert overrides." + operationId: "coreViewOptionAlertOverridesFilePath" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionDefaultUserAgent/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionDefaultUserAgent" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionDnsTtlSuccessfulQueries/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionDnsTtlSuccessfulQueries" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionHttpState/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionHttpState" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionHttpStateEnabled/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionHttpStateEnabled" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionMaximumAlertInstances/: + get: + description: "Gets the maximum number of alert instances to include in a report." + operationId: "coreViewOptionMaximumAlertInstances" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionMergeRelatedAlerts/: + get: + description: "Gets whether or not related alerts will be merged in any reports\ + \ generated." + operationId: "coreViewOptionMergeRelatedAlerts" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainName/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainName" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainPassword/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainPassword" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainPort/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainPort" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainPrompt/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainPrompt" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainRealm/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainRealm" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainSkipName/: + get: + description: "Use view proxyChainExcludedDomains instead." + deprecated: true + operationId: "coreViewOptionProxyChainSkipName" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyChainUserName/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionProxyChainUserName" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyExcludedDomains/: + get: + description: "Use view proxyChainExcludedDomains instead." + deprecated: true + operationId: "coreViewOptionProxyExcludedDomains" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionProxyExcludedDomainsEnabled/: + get: + description: "Use view proxyChainExcludedDomains instead." + deprecated: true + operationId: "coreViewOptionProxyExcludedDomainsEnabled" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionSingleCookieRequestHeader/: + get: + description: "Option no longer in effective use." + deprecated: true + operationId: "coreViewOptionSingleCookieRequestHeader" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionTimeoutInSecs/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionTimeoutInSecs" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionUseProxyChain/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionUseProxyChain" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionUseProxyChainAuth/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionUseProxyChainAuth" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/optionUseSocksProxy/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewOptionUseSocksProxy" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/proxyChainExcludedDomains/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "coreViewProxyChainExcludedDomains" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/sessionLocation/: + get: + description: "Gets the location of the current session file" + operationId: "coreViewSessionLocation" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/sites/: + get: + description: "Gets the sites accessed through/by ZAP (scheme and domain)" + operationId: "coreViewSites" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/urls/: + get: + description: "Gets the URLs accessed through/by ZAP, optionally filtering by\ + \ (base) URL." + operationId: "coreViewUrls" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which URLs should be included." + schema: + type: "string" + /JSON/core/view/version/: + get: + description: "Gets ZAP version" + operationId: "coreViewVersion" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/core/view/zapHomePath/: + get: + description: "Gets the path to ZAP's home directory." + operationId: "coreViewZapHomePath" + tags: + - "core" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /OTHER/dev/other/openapi/: + get: + description: "Provides the OpenAPI definition of the ZAP API, in YAML format." + operationId: "devOtherOpenapi" + tags: + - "dev" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /JSON/exim/action/importHar/: + get: + description: "Imports a HAR file." + operationId: "eximActionImportHar" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/exim/action/importModsec2Logs/: + get: + description: "Imports ModSecurity2 logs from the file with the given file system\ + \ path." + operationId: "eximActionImportModsec2Logs" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/exim/action/importUrls/: + get: + description: "Imports URLs (one per line) from the file with the given file\ + \ system path." + operationId: "eximActionImportUrls" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/exim/action/importZapLogs/: + get: + description: "Imports previously exported ZAP messages from the file with the\ + \ given file system path." + operationId: "eximActionImportZapLogs" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/exim/other/exportHar/: + get: + description: "Gets the HTTP messages sent through/by ZAP, in HAR format, optionally\ + \ filtered by URL and paginated with 'start' position and 'count' of messages" + operationId: "eximOtherExportHar" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "baseurl" + in: "query" + description: "The URL below which messages should be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "The position (or offset) within the results to use as a starting\ + \ position for the information returned." + schema: + type: "string" + - name: "count" + in: "query" + description: "The number of results to return." + schema: + type: "string" + /OTHER/exim/other/exportHarById/: + get: + description: "Gets the HTTP messages with the given IDs, in HAR format." + operationId: "eximOtherExportHarById" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "ids" + in: "query" + required: true + description: "The ID (number(s)) of the message(s) to be returned." + schema: + type: "string" + /OTHER/exim/other/sendHarRequest/: + get: + description: "Sends the first HAR request entry, optionally following redirections.\ + \ Returns, in HAR format, the request sent and response received and followed\ + \ redirections, if any. The Mode is enforced when sending the request (and\ + \ following redirections), custom manual requests are not allowed in 'Safe'\ + \ mode nor in 'Protected' mode if out of scope." + operationId: "eximOtherSendHarRequest" + tags: + - "exim" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "request" + in: "query" + required: true + description: "The raw JSON of a HAR request." + schema: + type: "string" + - name: "followRedirects" + in: "query" + description: "True if redirects should be followed, false otherwise." + schema: + type: "string" + /JSON/forcedUser/action/setForcedUser/: + get: + description: "Sets the user (ID) that should be used in 'forced user' mode for\ + \ the given context (ID)" + operationId: "forcedUserActionSetForcedUser" + tags: + - "forcedUser" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/forcedUser/action/setForcedUserModeEnabled/: + get: + description: "Sets if 'forced user' mode should be enabled or not" + operationId: "forcedUserActionSetForcedUserModeEnabled" + tags: + - "forcedUser" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "boolean" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/forcedUser/view/getForcedUser/: + get: + description: "Gets the user (ID) set as 'forced user' for the given context\ + \ (ID)" + operationId: "forcedUserViewGetForcedUser" + tags: + - "forcedUser" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/forcedUser/view/isForcedUserModeEnabled/: + get: + description: "Returns 'true' if 'forced user' mode is enabled, 'false' otherwise" + operationId: "forcedUserViewIsForcedUserModeEnabled" + tags: + - "forcedUser" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/action/importFile/: + get: + description: "Imports a GraphQL Schema from a File." + operationId: "graphqlActionImportFile" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "endurl" + in: "query" + required: true + description: "The Endpoint URL." + schema: + type: "string" + - name: "file" + in: "query" + required: true + description: "The File That Contains the GraphQL Schema." + schema: + type: "string" + /JSON/graphql/action/importUrl/: + get: + description: "Imports a GraphQL Schema from a URL." + operationId: "graphqlActionImportUrl" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "endurl" + in: "query" + required: true + description: "The Endpoint URL." + schema: + type: "string" + - name: "url" + in: "query" + description: "The URL Locating the GraphQL Schema." + schema: + type: "string" + /JSON/graphql/action/setOptionArgsType/: + get: + description: "Sets how arguments are specified." + operationId: "graphqlActionSetOptionArgsType" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "Can be \"INLINE\", \"VARIABLES\", or \"BOTH\"." + schema: + type: "string" + /JSON/graphql/action/setOptionLenientMaxQueryDepthEnabled/: + get: + description: "Sets whether or not Maximum Query Depth is enforced leniently." + operationId: "graphqlActionSetOptionLenientMaxQueryDepthEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "Enforce Leniently (true or false)." + schema: + type: "boolean" + /JSON/graphql/action/setOptionMaxAdditionalQueryDepth/: + get: + description: "Sets the maximum additional query generation depth (used if enforced\ + \ leniently)." + operationId: "graphqlActionSetOptionMaxAdditionalQueryDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The Maximum Additional Depth." + schema: + type: "integer" + /JSON/graphql/action/setOptionMaxArgsDepth/: + get: + description: "Sets the maximum arguments generation depth." + operationId: "graphqlActionSetOptionMaxArgsDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The Maximum Depth." + schema: + type: "integer" + /JSON/graphql/action/setOptionMaxQueryDepth/: + get: + description: "Sets the maximum query generation depth." + operationId: "graphqlActionSetOptionMaxQueryDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "The Maximum Depth." + schema: + type: "integer" + /JSON/graphql/action/setOptionOptionalArgsEnabled/: + get: + description: "Sets whether or not Optional Arguments should be specified." + operationId: "graphqlActionSetOptionOptionalArgsEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "Specify Optional Arguments (true or false)." + schema: + type: "boolean" + /JSON/graphql/action/setOptionQueryGenEnabled/: + get: + description: "Sets whether the query generator is enabled." + operationId: "graphqlActionSetOptionQueryGenEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "Enable query generation (true or false)." + schema: + type: "boolean" + /JSON/graphql/action/setOptionQuerySplitType/: + get: + description: "Sets the level for which a single query is generated." + operationId: "graphqlActionSetOptionQuerySplitType" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "Can be \"LEAF\", \"ROOT_FIELD\", or \"OPERATION\"." + schema: + type: "string" + /JSON/graphql/action/setOptionRequestMethod/: + get: + description: "Sets the request method." + operationId: "graphqlActionSetOptionRequestMethod" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "Can be \"POST_JSON\", \"POST_GRAPHQL\", or \"GET\"." + schema: + type: "string" + /JSON/graphql/view/optionArgsType/: + get: + description: "Returns how arguments are currently specified." + operationId: "graphqlViewOptionArgsType" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionLenientMaxQueryDepthEnabled/: + get: + description: "Returns whether or not lenient maximum query generation depth\ + \ is enabled." + operationId: "graphqlViewOptionLenientMaxQueryDepthEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionMaxAdditionalQueryDepth/: + get: + description: "Returns the current maximum additional query generation depth." + operationId: "graphqlViewOptionMaxAdditionalQueryDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionMaxArgsDepth/: + get: + description: "Returns the current maximum arguments generation depth." + operationId: "graphqlViewOptionMaxArgsDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionMaxQueryDepth/: + get: + description: "Returns the current maximum query generation depth." + operationId: "graphqlViewOptionMaxQueryDepth" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionOptionalArgsEnabled/: + get: + description: "Returns whether or not optional arguments are currently specified." + operationId: "graphqlViewOptionOptionalArgsEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionQueryGenEnabled/: + get: + description: "Returns whether the query generator is enabled." + operationId: "graphqlViewOptionQueryGenEnabled" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionQuerySplitType/: + get: + description: "Returns the current level for which a single query is generated." + operationId: "graphqlViewOptionQuerySplitType" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/graphql/view/optionRequestMethod/: + get: + description: "Returns the current request method." + operationId: "graphqlViewOptionRequestMethod" + tags: + - "graphql" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/httpSessions/action/addDefaultSessionToken/: + get: + description: "Adds a default session token with the given name and enabled state." + operationId: "httpSessionsActionAddDefaultSessionToken" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "tokenEnabled" + in: "query" + description: "" + schema: + type: "string" + /JSON/httpSessions/action/addSessionToken/: + get: + description: "Adds the session token to the given site." + operationId: "httpSessionsActionAddSessionToken" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/createEmptySession/: + get: + description: "Creates an empty session for the given site. Optionally with the\ + \ given name." + operationId: "httpSessionsActionCreateEmptySession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "session" + in: "query" + description: "" + schema: + type: "string" + /JSON/httpSessions/action/removeDefaultSessionToken/: + get: + description: "Removes the default session token with the given name." + operationId: "httpSessionsActionRemoveDefaultSessionToken" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/removeSession/: + get: + description: "Removes the session from the given site." + operationId: "httpSessionsActionRemoveSession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "session" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/removeSessionToken/: + get: + description: "Removes the session token from the given site." + operationId: "httpSessionsActionRemoveSessionToken" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/renameSession/: + get: + description: "Renames the session of the given site." + operationId: "httpSessionsActionRenameSession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "oldSessionName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "newSessionName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/setActiveSession/: + get: + description: "Sets the given session as active for the given site." + operationId: "httpSessionsActionSetActiveSession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "session" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/setDefaultSessionTokenEnabled/: + get: + description: "Sets whether or not the default session token with the given name\ + \ is enabled." + operationId: "httpSessionsActionSetDefaultSessionTokenEnabled" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "tokenEnabled" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/setSessionTokenValue/: + get: + description: "Sets the value of the session token of the given session for the\ + \ given site." + operationId: "httpSessionsActionSetSessionTokenValue" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "session" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "sessionToken" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "tokenValue" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/action/unsetActiveSession/: + get: + description: "Unsets the active session of the given site." + operationId: "httpSessionsActionUnsetActiveSession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/view/activeSession/: + get: + description: "Gets the name of the active session for the given site." + operationId: "httpSessionsViewActiveSession" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/view/defaultSessionTokens/: + get: + description: "Gets the default session tokens." + operationId: "httpSessionsViewDefaultSessionTokens" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/httpSessions/view/sessionTokens/: + get: + description: "Gets the names of the session tokens for the given site." + operationId: "httpSessionsViewSessionTokens" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/httpSessions/view/sessions/: + get: + description: "Gets the sessions for the given site. Optionally returning just\ + \ the session with the given name." + operationId: "httpSessionsViewSessions" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "session" + in: "query" + description: "" + schema: + type: "string" + /JSON/httpSessions/view/sites/: + get: + description: "Gets all of the sites that have sessions." + operationId: "httpSessionsViewSites" + tags: + - "httpSessions" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /OTHER/keyboard/other/cheatsheetActionOrder/: + get: + description: "Lists the keyboard shortcuts sorted by action, optionally, showing\ + \ actions without shortcut set." + operationId: "keyboardOtherCheatsheetActionOrder" + tags: + - "keyboard" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "incUnset" + in: "query" + description: "" + schema: + type: "string" + /OTHER/keyboard/other/cheatsheetKeyOrder/: + get: + description: "Lists the keyboard shortcuts sorted by keyboard shortcut, optionally,\ + \ showing actions without shortcut set." + operationId: "keyboardOtherCheatsheetKeyOrder" + tags: + - "keyboard" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "incUnset" + in: "query" + description: "" + schema: + type: "string" + /JSON/localProxies/action/addAdditionalProxy/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "localProxiesActionAddAdditionalProxy" + tags: + - "localProxies" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "address" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "behindNat" + in: "query" + description: "" + schema: + type: "string" + - name: "alwaysDecodeZip" + in: "query" + description: "" + schema: + type: "string" + - name: "removeUnsupportedEncodings" + in: "query" + description: "" + schema: + type: "string" + /JSON/localProxies/action/removeAdditionalProxy/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "localProxiesActionRemoveAdditionalProxy" + tags: + - "localProxies" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "address" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/localProxies/view/additionalProxies/: + get: + description: "Use the API endpoints in the 'network' component instead." + deprecated: true + operationId: "localProxiesViewAdditionalProxies" + tags: + - "localProxies" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/action/addAlias/: + get: + description: "Adds an alias for the local servers/proxies." + operationId: "networkActionAddAlias" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "The name of the alias." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/addHttpProxyExclusion/: + get: + description: "Adds a host to be excluded from the HTTP proxy." + operationId: "networkActionAddHttpProxyExclusion" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "host" + in: "query" + required: true + description: "The value of the host, a regular expression." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/addLocalServer/: + get: + description: "Adds a local server/proxy." + operationId: "networkActionAddLocalServer" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "address" + in: "query" + required: true + description: "The address of the local server/proxy." + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "The port of the local server/proxy." + schema: + type: "string" + - name: "api" + in: "query" + description: "If the ZAP API is available, true or false." + schema: + type: "string" + - name: "proxy" + in: "query" + description: "If the local server should proxy, true or false." + schema: + type: "string" + - name: "behindNat" + in: "query" + description: "If the local server is behind NAT, true or false." + schema: + type: "string" + - name: "decodeResponse" + in: "query" + description: "If the response should be decoded, true or false." + schema: + type: "string" + - name: "removeAcceptEncoding" + in: "query" + description: "If the request header Accept-Encoding should be removed, true\ + \ or false." + schema: + type: "string" + /JSON/network/action/addPassThrough/: + get: + description: "Adds an authority to pass-through the local proxies." + operationId: "networkActionAddPassThrough" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "authority" + in: "query" + required: true + description: "The value of the authority, can be a regular expression." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/addPkcs12ClientCertificate/: + get: + description: "Adds a client certificate contained in a PKCS#12 file, the certificate\ + \ is automatically set as active and used." + operationId: "networkActionAddPkcs12ClientCertificate" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "The file path." + schema: + type: "string" + - name: "password" + in: "query" + required: true + description: "The password for the file." + schema: + type: "string" + - name: "index" + in: "query" + description: "The index of the certificate in the file, defaults to 0." + schema: + type: "string" + /JSON/network/action/addRateLimitRule/: + get: + description: "Adds a rate limit rule" + operationId: "networkActionAddRateLimitRule" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "A description that allows you to identify the rule. Each rule\ + \ must have a unique description." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + - name: "matchRegex" + in: "query" + required: true + description: "Regex used to match the host." + schema: + type: "string" + - name: "matchString" + in: "query" + required: true + description: "Plain string match is handled based on DNS conventions. If the\ + \ string has one or two components." + schema: + type: "string" + - name: "requestsPerSecond" + in: "query" + required: true + description: "The maximum number of requests per second." + schema: + type: "string" + - name: "groupBy" + in: "query" + required: true + description: "How to group hosts when applying rate limiting: rule or host" + schema: + type: "string" + /JSON/network/action/generateRootCaCert/: + get: + description: "Generates a new Root CA certificate, used to issue server certificates." + operationId: "networkActionGenerateRootCaCert" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/action/importRootCaCert/: + get: + description: "Imports a Root CA certificate to be used to issue server certificates." + operationId: "networkActionImportRootCaCert" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "filePath" + in: "query" + required: true + description: "The file system path to the PEM file, containing the certificate\ + \ and private key." + schema: + type: "string" + /JSON/network/action/removeAlias/: + get: + description: "Removes an alias." + operationId: "networkActionRemoveAlias" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "The name of the alias." + schema: + type: "string" + /JSON/network/action/removeHttpProxyExclusion/: + get: + description: "Removes an HTTP proxy exclusion." + operationId: "networkActionRemoveHttpProxyExclusion" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "host" + in: "query" + required: true + description: "The value of the host." + schema: + type: "string" + /JSON/network/action/removeLocalServer/: + get: + description: "Removes a local server/proxy." + operationId: "networkActionRemoveLocalServer" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "address" + in: "query" + required: true + description: "The address of the local server/proxy." + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "The port of the local server/proxy." + schema: + type: "string" + /JSON/network/action/removePassThrough/: + get: + description: "Removes a pass-through." + operationId: "networkActionRemovePassThrough" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "authority" + in: "query" + required: true + description: "The value of the authority." + schema: + type: "string" + /JSON/network/action/removeRateLimitRule/: + get: + description: "Remove a rate limit rule" + operationId: "networkActionRemoveRateLimitRule" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "The description of the rule to remove." + schema: + type: "string" + /JSON/network/action/setAliasEnabled/: + get: + description: "Sets whether or not an alias is enabled." + operationId: "networkActionSetAliasEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "name" + in: "query" + required: true + description: "The name of the alias." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setConnectionTimeout/: + get: + description: "Sets the timeout, for reads and connects." + operationId: "networkActionSetConnectionTimeout" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "timeout" + in: "query" + required: true + description: "The timeout, in seconds." + schema: + type: "string" + /JSON/network/action/setDefaultUserAgent/: + get: + description: "Sets the default user-agent." + operationId: "networkActionSetDefaultUserAgent" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "userAgent" + in: "query" + required: true + description: "The default user-agent." + schema: + type: "string" + /JSON/network/action/setDnsTtlSuccessfulQueries/: + get: + description: "Sets the TTL of successful DNS queries." + operationId: "networkActionSetDnsTtlSuccessfulQueries" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ttl" + in: "query" + required: true + description: "The TTL, in seconds. Negative number, cache forever. Zero, disables\ + \ caching. Positive number, the number of seconds the successful DNS queries\ + \ will be cached." + schema: + type: "string" + /JSON/network/action/setHttpProxy/: + get: + description: "Sets the HTTP proxy configuration." + operationId: "networkActionSetHttpProxy" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "host" + in: "query" + required: true + description: "The host, name or address." + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "The port." + schema: + type: "string" + - name: "realm" + in: "query" + description: "The authentication realm." + schema: + type: "string" + - name: "username" + in: "query" + description: "The user name." + schema: + type: "string" + - name: "password" + in: "query" + description: "The password." + schema: + type: "string" + /JSON/network/action/setHttpProxyAuthEnabled/: + get: + description: "Sets whether or not the HTTP proxy authentication is enabled." + operationId: "networkActionSetHttpProxyAuthEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setHttpProxyEnabled/: + get: + description: "Sets whether or not the HTTP proxy is enabled." + operationId: "networkActionSetHttpProxyEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setHttpProxyExclusionEnabled/: + get: + description: "Sets whether or not an HTTP proxy exclusion is enabled." + operationId: "networkActionSetHttpProxyExclusionEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "host" + in: "query" + required: true + description: "The value of the host." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setPassThroughEnabled/: + get: + description: "Sets whether or not a pass-through is enabled." + operationId: "networkActionSetPassThroughEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "authority" + in: "query" + required: true + description: "The value of the authority." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setRateLimitRuleEnabled/: + get: + description: "Set enabled state for a rate limit rule." + operationId: "networkActionSetRateLimitRuleEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "The description of the rule to modify." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setRootCaCertValidity/: + get: + description: "Sets the Root CA certificate validity. Used when generating a\ + \ new Root CA certificate." + operationId: "networkActionSetRootCaCertValidity" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "validity" + in: "query" + required: true + description: "The number of days that the generated Root CA certificate will\ + \ be valid for." + schema: + type: "string" + /JSON/network/action/setServerCertValidity/: + get: + description: "Sets the server certificate validity. Used when generating server\ + \ certificates." + operationId: "networkActionSetServerCertValidity" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "validity" + in: "query" + required: true + description: "The number of days that the generated server certificates will\ + \ be valid for." + schema: + type: "string" + /JSON/network/action/setSocksProxy/: + get: + description: "Sets the SOCKS proxy configuration." + operationId: "networkActionSetSocksProxy" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "host" + in: "query" + required: true + description: "The host, name or address." + schema: + type: "string" + - name: "port" + in: "query" + required: true + description: "The port." + schema: + type: "string" + - name: "version" + in: "query" + description: "The SOCKS version." + schema: + type: "string" + - name: "useDns" + in: "query" + description: "If the names should be resolved by the SOCKS proxy, true or false." + schema: + type: "string" + - name: "username" + in: "query" + description: "The user name." + schema: + type: "string" + - name: "password" + in: "query" + description: "The password." + schema: + type: "string" + /JSON/network/action/setSocksProxyEnabled/: + get: + description: "Sets whether or not the SOCKS proxy is enabled." + operationId: "networkActionSetSocksProxyEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/network/action/setUseClientCertificate/: + get: + description: "Sets whether or not to use the active client certificate." + operationId: "networkActionSetUseClientCertificate" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "use" + in: "query" + required: true + description: "The use state, true or false." + schema: + type: "string" + /JSON/network/action/setUseGlobalHttpState/: + get: + description: "Sets whether or not to use the global HTTP state." + operationId: "networkActionSetUseGlobalHttpState" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "use" + in: "query" + required: true + description: "The use state, true or false." + schema: + type: "string" + /OTHER/network/other/proxy.pac/: + get: + description: "Provides a PAC file, proxying through the main proxy." + operationId: "networkOtherProxy.pac" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/network/other/rootCaCert/: + get: + description: "Gets the Root CA certificate used to issue server certificates.\ + \ Suitable to import into client applications (e.g. browsers)." + operationId: "networkOtherRootCaCert" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/network/other/setProxy/: + get: + description: "Sets the HTTP proxy configuration." + operationId: "networkOtherSetProxy" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "proxy" + in: "query" + required: true + description: "The JSON object containing the HTTP proxy configuration." + schema: + type: "string" + /JSON/network/view/getAliases/: + get: + description: "Gets the aliases used to identify the local servers/proxies." + operationId: "networkViewGetAliases" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getConnectionTimeout/: + get: + description: "Gets the connection timeout, in seconds." + operationId: "networkViewGetConnectionTimeout" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getDefaultUserAgent/: + get: + description: "Gets the default user-agent." + operationId: "networkViewGetDefaultUserAgent" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getDnsTtlSuccessfulQueries/: + get: + description: "Gets the TTL (in seconds) of successful DNS queries." + operationId: "networkViewGetDnsTtlSuccessfulQueries" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getHttpProxy/: + get: + description: "Gets the HTTP proxy." + operationId: "networkViewGetHttpProxy" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getHttpProxyExclusions/: + get: + description: "Gets the HTTP proxy exclusions." + operationId: "networkViewGetHttpProxyExclusions" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getLocalServers/: + get: + description: "Gets the local servers/proxies." + operationId: "networkViewGetLocalServers" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getPassThroughs/: + get: + description: "Gets the authorities that will pass-through the local proxies." + operationId: "networkViewGetPassThroughs" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getRateLimitRules/: + get: + description: "List of rate limit rules." + operationId: "networkViewGetRateLimitRules" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getRootCaCertValidity/: + get: + description: "Gets the Root CA certificate validity, in days. Used when generating\ + \ a new Root CA certificate." + operationId: "networkViewGetRootCaCertValidity" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getServerCertValidity/: + get: + description: "Gets the server certificate validity, in days. Used when generating\ + \ server certificates." + operationId: "networkViewGetServerCertValidity" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/getSocksProxy/: + get: + description: "Gets the SOCKS proxy." + operationId: "networkViewGetSocksProxy" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/isHttpProxyAuthEnabled/: + get: + description: "Tells whether or not the HTTP proxy authentication is enabled." + operationId: "networkViewIsHttpProxyAuthEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/isHttpProxyEnabled/: + get: + description: "Tells whether or not the HTTP proxy is enabled." + operationId: "networkViewIsHttpProxyEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/isSocksProxyEnabled/: + get: + description: "Tells whether or not the SOCKS proxy is enabled." + operationId: "networkViewIsSocksProxyEnabled" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/network/view/isUseGlobalHttpState/: + get: + description: "Tells whether or not to use global HTTP state." + operationId: "networkViewIsUseGlobalHttpState" + tags: + - "network" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/openapi/action/importFile/: + get: + description: "Imports an OpenAPI definition from a local file." + operationId: "openapiActionImportFile" + tags: + - "openapi" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "file" + in: "query" + required: true + description: "The file that contains the OpenAPI definition." + schema: + type: "string" + - name: "target" + in: "query" + description: "The Target URL to override the server URL present in the definition." + schema: + type: "string" + - name: "contextId" + in: "query" + description: "" + schema: + type: "string" + /JSON/openapi/action/importUrl/: + get: + description: "Imports an OpenAPI definition from a URL." + operationId: "openapiActionImportUrl" + tags: + - "openapi" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + required: true + description: "The URL locating the OpenAPI definition." + schema: + type: "string" + - name: "hostOverride" + in: "query" + description: "The Target URL (called hostOverride for historical reasons) to\ + \ override the server URL present in the definition." + schema: + type: "string" + - name: "contextId" + in: "query" + description: "" + schema: + type: "string" + /JSON/paramDigger/action/helloWorld/: + get: + description: "" + operationId: "paramDiggerActionHelloWorld" + tags: + - "paramDigger" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pnh/action/monitor/: + get: + description: "" + operationId: "pnhActionMonitor" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "message" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pnh/action/oracle/: + get: + description: "" + operationId: "pnhActionOracle" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pnh/action/startMonitoring/: + get: + description: "" + operationId: "pnhActionStartMonitoring" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pnh/action/stopMonitoring/: + get: + description: "" + operationId: "pnhActionStopMonitoring" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/pnh/other/fx_pnh.xpi/: + get: + description: "" + operationId: "pnhOtherFx_pnh.xpi" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/pnh/other/manifest/: + get: + description: "" + operationId: "pnhOtherManifest" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/pnh/other/pnh/: + get: + description: "" + operationId: "pnhOtherPnh" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /OTHER/pnh/other/service/: + get: + description: "" + operationId: "pnhOtherService" + tags: + - "pnh" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /JSON/postman/action/importFile/: + get: + description: "" + operationId: "postmanActionImportFile" + tags: + - "postman" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "file" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "endpointUrl" + in: "query" + description: "" + schema: + type: "string" + /JSON/postman/action/importUrl/: + get: + description: "" + operationId: "postmanActionImportUrl" + tags: + - "postman" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "endpointUrl" + in: "query" + description: "" + schema: + type: "string" + /JSON/pscan/action/clearQueue/: + get: + description: "Clears the passive scan queue." + operationId: "pscanActionClearQueue" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/action/disableAllScanners/: + get: + description: "Disables all passive scan rules" + operationId: "pscanActionDisableAllScanners" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/action/disableAllTags/: + get: + description: "Disables all passive scan tags." + operationId: "pscanActionDisableAllTags" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/action/disableScanners/: + get: + description: "Disables all passive scan rules with the given IDs (comma separated\ + \ list of IDs)" + operationId: "pscanActionDisableScanners" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/action/enableAllScanners/: + get: + description: "Enables all passive scan rules" + operationId: "pscanActionEnableAllScanners" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/action/enableAllTags/: + get: + description: "Enables all passive scan tags." + operationId: "pscanActionEnableAllTags" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/action/enableScanners/: + get: + description: "Enables all passive scan rules with the given IDs (comma separated\ + \ list of IDs)" + operationId: "pscanActionEnableScanners" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "ids" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/action/setEnabled/: + get: + description: "Sets whether or not the passive scanning is enabled (Note: the\ + \ enabled state is not persisted)." + operationId: "pscanActionSetEnabled" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "enabled" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/action/setMaxAlertsPerRule/: + get: + description: "Sets the maximum number of alerts a passive scan rule should raise." + operationId: "pscanActionSetMaxAlertsPerRule" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "maxAlerts" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/action/setScanOnlyInScope/: get: - description: >- - - operationId: coreActionSetOptionSingleCookieRequestHeader + description: "Sets whether or not the passive scan should be performed only\ + \ on messages that are in scope." + operationId: "pscanActionSetScanOnlyInScope" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setOptionTimeoutInSecs/: + - name: "onlyInScope" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/action/setScannerAlertThreshold/: get: - description: >- - Sets the connection time out, in seconds. - operationId: coreActionSetOptionTimeoutInSecs + description: "Sets the alert threshold of the passive scan rule with the given\ + \ ID, accepted values for alert threshold: OFF, DEFAULT, LOW, MEDIUM and HIGH" + operationId: "pscanActionSetScannerAlertThreshold" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/core/action/setOptionUseProxyChain/: + - name: "id" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "alertThreshold" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/pscan/view/currentRule/: get: - description: >- - Sets whether or not the outgoing proxy should be used. The address/hostname of the outgoing proxy must be set to enable this option. - operationId: coreActionSetOptionUseProxyChain + description: "Use the currentTasks view instead." + deprecated: true + operationId: "pscanViewCurrentRule" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/core/action/setOptionUseProxyChainAuth/: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/view/currentTasks/: get: - description: >- - - operationId: coreActionSetOptionUseProxyChainAuth + description: "Show information about the passive scan tasks currently being\ + \ run (if any)." + operationId: "pscanViewCurrentTasks" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /OTHER/core/other/proxy.pac/: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/view/maxAlertsPerRule/: get: - description: >- - - operationId: coreOtherProxy.pac + description: "Gets the maximum number of alerts a passive scan rule should raise." + operationId: "pscanViewMaxAlertsPerRule" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/rootcert/: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/view/recordsToScan/: get: - description: >- - Gets the Root CA certificate used by the local proxies. - operationId: coreOtherRootcert + description: "The number of records the passive scanner still has to scan" + operationId: "pscanViewRecordsToScan" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/setproxy/: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/view/scanOnlyInScope/: get: - description: >- - - operationId: coreOtherSetproxy + description: "Tells whether or not the passive scan should be performed only\ + \ on messages that are in scope." + operationId: "pscanViewScanOnlyInScope" tags: - - core + - "pscan" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: proxy - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /OTHER/core/other/xmlreport/: + $ref: "#/components/responses/ErrorJson" + /JSON/pscan/view/scanners/: get: - description: >- - Generates a report in XML format - operationId: coreOtherXmlreport + description: "Lists all passive scan rules with their ID, name, enabled state,\ + \ and alert threshold." + operationId: "pscanViewScanners" + tags: + - "pscan" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /OTHER/quickstartlaunch/other/startPage/: + get: + description: "" + operationId: "quickstartlaunchOtherStartPage" + tags: + - "quickstartlaunch" + responses: + default: + $ref: "#/components/responses/ErrorOther" + /JSON/replacer/action/addRule/: + get: + description: "Adds a replacer rule. For the parameters: desc is a user friendly\ + \ description, enabled is true or false, matchType is one of [REQ_HEADER,\ + \ REQ_HEADER_STR, REQ_BODY_STR, RESP_HEADER, RESP_HEADER_STR, RESP_BODY_STR],\ + \ matchRegex should be true if the matchString should be treated as a regex\ + \ otherwise false, matchString is the string that will be matched against,\ + \ replacement is the replacement string, initiators may be blank (for all\ + \ initiators) or a comma separated list of integers as defined in HttpSender " + operationId: "replacerActionAddRule" + tags: + - "replacer" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "matchType" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "matchRegex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "matchString" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "replacement" + in: "query" + description: "" + schema: + type: "string" + - name: "initiators" + in: "query" + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "A regular expression to match the URL of the message, if empty\ + \ the rule applies to all messages." + schema: + type: "string" + /JSON/replacer/action/removeRule/: + get: + description: "Removes the rule with the given description" + operationId: "replacerActionRemoveRule" + tags: + - "replacer" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/replacer/action/setEnabled/: + get: + description: "Enables or disables the rule with the given description based\ + \ on the bool parameter " + operationId: "replacerActionSetEnabled" + tags: + - "replacer" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "description" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "bool" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/replacer/view/rules/: + get: + description: "Returns full details of all of the rules" + operationId: "replacerViewRules" + tags: + - "replacer" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/reports/action/generate/: + get: + description: "Generate a report with the supplied parameters." + operationId: "reportsActionGenerate" + tags: + - "reports" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "title" + in: "query" + required: true + description: "Report Title" + schema: + type: "string" + - name: "template" + in: "query" + required: true + description: "Report Template" + schema: + type: "string" + - name: "theme" + in: "query" + description: "Report Theme" + schema: + type: "string" + - name: "description" + in: "query" + description: "Report Description" + schema: + type: "string" + - name: "contexts" + in: "query" + description: "The name of the contexts to be included in the report, separated\ + \ by '|'." + schema: + type: "string" + - name: "sites" + in: "query" + description: "The site URLs that should be included in the report, separated\ + \ by '|'." + schema: + type: "string" + - name: "sections" + in: "query" + description: "The report sections that should be included, separated by '|'." + schema: + type: "string" + - name: "includedConfidences" + in: "query" + description: "Confidences that should be included in the report, separated by\ + \ '|'. Accepted values are \"False Positive\", \"Low\", \"Medium\", \"High\"\ + , and \"Confirmed\"." + schema: + type: "string" + - name: "includedRisks" + in: "query" + description: "Risks that should be included in the report, separated by '|'.\ + \ Accepted values are \"Informational\", \"Low\", \"Medium\", and \"High\"\ + ." + schema: + type: "string" + - name: "reportFileName" + in: "query" + description: "The file name of the generated report. This value overrides the\ + \ reportFileNamePattern parameter." + schema: + type: "string" + - name: "reportFileNamePattern" + in: "query" + description: "Report File Name Pattern." + schema: + type: "string" + - name: "reportDir" + in: "query" + description: "Path to directory in which the generated report should be placed." + schema: + type: "string" + - name: "display" + in: "query" + description: "Display the generated report. Either \"true\" or \"false\"." + schema: + type: "string" + /JSON/reports/view/templateDetails/: + get: + description: "View details of the specified template." + operationId: "reportsViewTemplateDetails" + tags: + - "reports" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "template" + in: "query" + required: true + description: "Template Label" + schema: + type: "string" + /JSON/reports/view/templates/: + get: + description: "View available templates." + operationId: "reportsViewTemplates" + tags: + - "reports" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/retest/action/retest/: + get: + description: "" + operationId: "retestActionRetest" + tags: + - "retest" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "alertIds" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/reveal/action/setReveal/: + get: + description: "Sets if shows hidden fields and enables disabled fields" + operationId: "revealActionSetReveal" + tags: + - "reveal" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "reveal" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/reveal/view/reveal/: + get: + description: "Tells if shows hidden fields and enables disabled fields" + operationId: "revealViewReveal" + tags: + - "reveal" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/revisit/action/revisitSiteOff/: + get: + description: "" + operationId: "revisitActionRevisitSiteOff" tags: - - core + - "revisit" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/htmlreport/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/revisit/action/revisitSiteOn/: get: - description: >- - Generates a report in HTML format - operationId: coreOtherHtmlreport + description: "" + operationId: "revisitActionRevisitSiteOn" tags: - - core + - "revisit" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/jsonreport/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "startTime" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "endTime" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/revisit/view/revisitList/: get: - description: >- - Generates a report in JSON format - operationId: coreOtherJsonreport + description: "" + operationId: "revisitViewRevisitList" tags: - - core + - "revisit" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/mdreport/: + $ref: "#/components/responses/ErrorJson" + /JSON/ruleConfig/action/resetAllRuleConfigValues/: get: - description: >- - Generates a report in Markdown format - operationId: coreOtherMdreport + description: "Reset all of the rule configurations" + operationId: "ruleConfigActionResetAllRuleConfigValues" tags: - - core + - "ruleConfig" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /OTHER/core/other/messageHar/: + $ref: "#/components/responses/ErrorJson" + /JSON/ruleConfig/action/resetRuleConfigValue/: get: - description: >- - Gets the message with the given ID in HAR format - operationId: coreOtherMessageHar + description: "Reset the specified rule configuration, which must already exist" + operationId: "ruleConfigActionResetRuleConfigValue" tags: - - core + - "ruleConfig" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /OTHER/core/other/messagesHar/: - get: - description: >- - Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages - operationId: coreOtherMessagesHar - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: baseurl - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: start - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: count - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /OTHER/core/other/messagesHarById/: + - name: "key" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/ruleConfig/action/setRuleConfigValue/: get: - description: >- - Gets the HTTP messages with the given IDs, in HAR format. - operationId: coreOtherMessagesHarById + description: "Set the specified rule configuration, which must already exist" + operationId: "ruleConfigActionSetRuleConfigValue" tags: - - core + - "ruleConfig" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /OTHER/core/other/sendHarRequest/: - get: - description: >- - Sends the first HAR request entry, optionally following redirections. Returns, in HAR format, the request sent and response received and followed redirections, if any. The Mode is enforced when sending the request (and following redirections), custom manual requests are not allowed in 'Safe' mode nor in 'Protected' mode if out of scope. - operationId: coreOtherSendHarRequest - tags: - - core - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: request - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: followRedirects - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/params/view/params/: - get: - description: >- - Shows the parameters for the specified site, or for all sites if the site is not specified - operationId: paramsViewParams - tags: - - params - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/view/status/: + - name: "key" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "value" + in: "query" + description: "" + schema: + type: "string" + /JSON/ruleConfig/view/allRuleConfigs/: get: - description: >- - - operationId: ascanViewStatus + description: "Show all of the rule configurations" + operationId: "ruleConfigViewAllRuleConfigs" tags: - - ascan + - "ruleConfig" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/scanProgress/: + $ref: "#/components/responses/ErrorJson" + /JSON/ruleConfig/view/ruleConfigValue/: get: - description: >- - - operationId: ascanViewScanProgress + description: "Show the specified rule configuration" + operationId: "ruleConfigViewRuleConfigValue" tags: - - ascan + - "ruleConfig" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/messagesIds/: + - name: "key" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/clearGlobalCustomVar/: get: - description: >- - Gets the IDs of the messages sent during the scan with the given ID. A message can be obtained with 'message' core view. - operationId: ascanViewMessagesIds + description: "Clears a global custom variable." + operationId: "scriptActionClearGlobalCustomVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/alertsIds/: + - name: "varKey" + in: "query" + required: true + description: "The key of the variable." + schema: + type: "string" + /JSON/script/action/clearGlobalVar/: get: - description: >- - Gets the IDs of the alerts raised during the scan with the given ID. An alert can be obtained with 'alert' core view. - operationId: ascanViewAlertsIds + description: "Clears the global variable with the given key." + operationId: "scriptActionClearGlobalVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/scans/: + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/clearGlobalVars/: get: - description: >- - - operationId: ascanViewScans + description: "Clears the global variables." + operationId: "scriptActionClearGlobalVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/scanPolicyNames/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/action/clearScriptCustomVar/: get: - description: >- - - operationId: ascanViewScanPolicyNames + description: "Clears a script custom variable." + operationId: "scriptActionClearScriptCustomVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/excludedFromScan/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "The name of the script." + schema: + type: "string" + - name: "varKey" + in: "query" + required: true + description: "The key of the variable." + schema: + type: "string" + /JSON/script/action/clearScriptVar/: get: - description: >- - Gets the regexes of URLs excluded from the active scans. - operationId: ascanViewExcludedFromScan + description: "Clears the variable with the given key of the given script. Returns\ + \ an API error (DOES_NOT_EXIST) if no script with the given name exists." + operationId: "scriptActionClearScriptVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/scanners/: - get: - description: >- - Gets the scanners, optionally, of the given scan policy and/or scanner policy/category ID. - operationId: ascanViewScanners - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: policyId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/policies/: - get: - description: >- - - operationId: ascanViewPolicies - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: policyId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/view/attackModeQueue/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/clearScriptVars/: get: - description: >- - - operationId: ascanViewAttackModeQueue + description: "Clears the variables of the given script. Returns an API error\ + \ (DOES_NOT_EXIST) if no script with the given name exists." + operationId: "scriptActionClearScriptVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/excludedParams/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/disable/: get: - description: >- - Gets all the parameters that are excluded. For each parameter the following are shown: the name, the URL, and the parameter type. - operationId: ascanViewExcludedParams + description: "Disables the script with the given name" + operationId: "scriptActionDisable" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionExcludedParamList/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/enable/: get: - description: >- - Use view excludedParams instead. - deprecated: true - operationId: ascanViewOptionExcludedParamList + description: "Enables the script with the given name" + operationId: "scriptActionEnable" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/excludedParamTypes/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/load/: + get: + description: "Loads a script into ZAP from the given local file, with the given\ + \ name, type and engine, optionally with a description, and a charset name\ + \ to read the script (the charset name is required if the script is not in\ + \ UTF-8, for example, in ISO-8859-1)." + operationId: "scriptActionLoad" + tags: + - "script" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scriptType" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scriptEngine" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "fileName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "scriptDescription" + in: "query" + description: "" + schema: + type: "string" + - name: "charset" + in: "query" + description: "" + schema: + type: "string" + /JSON/script/action/remove/: get: - description: >- - Gets all the types of excluded parameters. For each type the following are shown: the ID and the name. - operationId: ascanViewExcludedParamTypes + description: "Removes the script with the given name" + operationId: "scriptActionRemove" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionAttackPolicy/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/runStandAloneScript/: get: - description: >- - - operationId: ascanViewOptionAttackPolicy + description: "Runs the stand alone script with the given name" + operationId: "scriptActionRunStandAloneScript" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionDefaultPolicy/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/action/setGlobalVar/: get: - description: >- - - operationId: ascanViewOptionDefaultPolicy + description: "Sets the value of the global variable with the given key." + operationId: "scriptActionSetGlobalVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionDelayInMs/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "varValue" + in: "query" + description: "" + schema: + type: "string" + /JSON/script/action/setScriptVar/: get: - description: >- - - operationId: ascanViewOptionDelayInMs + description: "Sets the value of the variable with the given key of the given\ + \ script. Returns an API error (DOES_NOT_EXIST) if no script with the given\ + \ name exists." + operationId: "scriptActionSetScriptVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionHandleAntiCSRFTokens/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "varValue" + in: "query" + description: "" + schema: + type: "string" + /JSON/script/view/globalCustomVar/: get: - description: >- - - operationId: ascanViewOptionHandleAntiCSRFTokens + description: "Gets the value (string representation) of a global custom variable.\ + \ Returns an API error (DOES_NOT_EXIST) if no value was previously set." + operationId: "scriptViewGlobalCustomVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionHostPerScan/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "varKey" + in: "query" + required: true + description: "The key of the variable." + schema: + type: "string" + /JSON/script/view/globalCustomVars/: get: - description: >- - - operationId: ascanViewOptionHostPerScan + description: "Gets all the global custom variables (key/value pairs, the value\ + \ is the string representation)." + operationId: "scriptViewGlobalCustomVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionMaxChartTimeInMins/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/view/globalVar/: get: - description: >- - - operationId: ascanViewOptionMaxChartTimeInMins + description: "Gets the value of the global variable with the given key. Returns\ + \ an API error (DOES_NOT_EXIST) if no value was previously set." + operationId: "scriptViewGlobalVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionMaxResultsToList/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/view/globalVars/: get: - description: >- - - operationId: ascanViewOptionMaxResultsToList + description: "Gets all the global variables (key/value pairs)." + operationId: "scriptViewGlobalVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionMaxRuleDurationInMins/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/view/listEngines/: get: - description: >- - - operationId: ascanViewOptionMaxRuleDurationInMins + description: "Lists the script engines available" + operationId: "scriptViewListEngines" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionMaxScanDurationInMins/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/view/listScripts/: get: - description: >- - - operationId: ascanViewOptionMaxScanDurationInMins + description: "Lists the scripts available, with its engine, name, description,\ + \ type and error state." + operationId: "scriptViewListScripts" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionMaxScansInUI/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/view/listTypes/: get: - description: >- - - operationId: ascanViewOptionMaxScansInUI + description: "Lists the script types available." + operationId: "scriptViewListTypes" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionTargetParamsEnabledRPC/: + $ref: "#/components/responses/ErrorJson" + /JSON/script/view/scriptCustomVar/: get: - description: >- - - operationId: ascanViewOptionTargetParamsEnabledRPC + description: "Gets the value (string representation) of a custom variable. Returns\ + \ an API error (DOES_NOT_EXIST) if no script with the given name exists or\ + \ if no value was previously set." + operationId: "scriptViewScriptCustomVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionTargetParamsInjectable/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "The name of the script." + schema: + type: "string" + - name: "varKey" + in: "query" + required: true + description: "The key of the variable." + schema: + type: "string" + /JSON/script/view/scriptCustomVars/: get: - description: >- - - operationId: ascanViewOptionTargetParamsInjectable + description: "Gets all the custom variables (key/value pairs, the value is the\ + \ string representation) of a script. Returns an API error (DOES_NOT_EXIST)\ + \ if no script with the given name exists." + operationId: "scriptViewScriptCustomVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionThreadPerHost/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "The name of the script." + schema: + type: "string" + /JSON/script/view/scriptVar/: get: - description: >- - - operationId: ascanViewOptionThreadPerHost + description: "Gets the value of the variable with the given key for the given\ + \ script. Returns an API error (DOES_NOT_EXIST) if no script with the given\ + \ name exists or if no value was previously set." + operationId: "scriptViewScriptVar" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionAddQueryParam/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "varKey" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/script/view/scriptVars/: get: - description: >- - Tells whether or not the active scanner should add a query parameter to GET request that don't have parameters to start with. - operationId: ascanViewOptionAddQueryParam + description: "Gets all the variables (key/value pairs) of the given script.\ + \ Returns an API error (DOES_NOT_EXIST) if no script with the given name exists." + operationId: "scriptViewScriptVars" tags: - - ascan + - "script" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionAllowAttackOnStart/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scriptName" + in: "query" + required: true + description: "" + schema: + type: "string" + /OTHER/search/other/harByHeaderRegex/: + get: + description: "Returns the HTTP messages, in HAR format, that match the given\ + \ regular expression in the header(s) optionally filtered by URL and paginated\ + \ with 'start' position and 'count' of messages." + operationId: "searchOtherHarByHeaderRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /OTHER/search/other/harByRequestRegex/: + get: + description: "Returns the HTTP messages, in HAR format, that match the given\ + \ regular expression in the request optionally filtered by URL and paginated\ + \ with 'start' position and 'count' of messages." + operationId: "searchOtherHarByRequestRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /OTHER/search/other/harByResponseRegex/: + get: + description: "Returns the HTTP messages, in HAR format, that match the given\ + \ regular expression in the response optionally filtered by URL and paginated\ + \ with 'start' position and 'count' of messages." + operationId: "searchOtherHarByResponseRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /OTHER/search/other/harByUrlRegex/: + get: + description: "Returns the HTTP messages, in HAR format, that match the given\ + \ regular expression in the URL optionally filtered by URL and paginated with\ + \ 'start' position and 'count' of messages." + operationId: "searchOtherHarByUrlRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorOther" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/messagesByHeaderRegex/: + get: + description: "Returns the HTTP messages that match the given regular expression\ + \ in the header(s) optionally filtered by URL and paginated with 'start' position\ + \ and 'count' of messages." + operationId: "searchViewMessagesByHeaderRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/messagesByRequestRegex/: + get: + description: "Returns the HTTP messages that match the given regular expression\ + \ in the request optionally filtered by URL and paginated with 'start' position\ + \ and 'count' of messages." + operationId: "searchViewMessagesByRequestRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/messagesByResponseRegex/: + get: + description: "Returns the HTTP messages that match the given regular expression\ + \ in the response optionally filtered by URL and paginated with 'start' position\ + \ and 'count' of messages." + operationId: "searchViewMessagesByResponseRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/messagesByUrlRegex/: + get: + description: "Returns the HTTP messages that match the given regular expression\ + \ in the URL optionally filtered by URL and paginated with 'start' position\ + \ and 'count' of messages." + operationId: "searchViewMessagesByUrlRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which messages should\ + \ be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/urlsByHeaderRegex/: + get: + description: "Returns the URLs of the HTTP messages that match the given regular\ + \ expression in the header(s) optionally filtered by URL and paginated with\ + \ 'start' position and 'count' of messages." + operationId: "searchViewUrlsByHeaderRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which URLs should be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/urlsByRequestRegex/: + get: + description: "Returns the URLs of the HTTP messages that match the given regular\ + \ expression in the request optionally filtered by URL and paginated with\ + \ 'start' position and 'count' of messages." + operationId: "searchViewUrlsByRequestRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which URLs should be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/urlsByResponseRegex/: + get: + description: "Returns the URLs of the HTTP messages that match the given regular\ + \ expression in the response optionally filtered by URL and paginated with\ + \ 'start' position and 'count' of messages." + operationId: "searchViewUrlsByResponseRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which URLs should be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/search/view/urlsByUrlRegex/: + get: + description: "Returns the URLs of the HTTP messages that match the given regular\ + \ expression in the URL optionally filtered by URL and paginated with 'start'\ + \ position and 'count' of messages." + operationId: "searchViewUrlsByUrlRegex" + tags: + - "search" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "baseurl" + in: "query" + description: "The highest URL in the Sites tree under which URLs should be included." + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + /JSON/selenium/action/addBrowserArgument/: + get: + description: "Adds a browser argument." + operationId: "seleniumActionAddBrowserArgument" + tags: + - "selenium" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "browser" + in: "query" + required: true + description: "The browser, chrome or firefox." + schema: + type: "string" + - name: "argument" + in: "query" + required: true + description: "The argument." + schema: + type: "string" + - name: "enabled" + in: "query" + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/selenium/action/removeBrowserArgument/: + get: + description: "Removes a browser argument." + operationId: "seleniumActionRemoveBrowserArgument" + tags: + - "selenium" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "browser" + in: "query" + required: true + description: "The browser, chrome or firefox." + schema: + type: "string" + - name: "argument" + in: "query" + required: true + description: "The argument." + schema: + type: "string" + /JSON/selenium/action/setBrowserArgumentEnabled/: get: - description: >- - - operationId: ascanViewOptionAllowAttackOnStart + description: "Sets whether or not a browser argument is enabled." + operationId: "seleniumActionSetBrowserArgumentEnabled" + tags: + - "selenium" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "browser" + in: "query" + required: true + description: "The browser, chrome or firefox." + schema: + type: "string" + - name: "argument" + in: "query" + required: true + description: "The argument." + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "The enabled state, true or false." + schema: + type: "string" + /JSON/selenium/action/setOptionChromeBinaryPath/: + get: + description: "Sets the current path to Chrome binary" + operationId: "seleniumActionSetOptionChromeBinaryPath" + tags: + - "selenium" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionChromeDriverPath/: + get: + description: "Sets the current path to ChromeDriver" + operationId: "seleniumActionSetOptionChromeDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionInjectPluginIdInHeader/: - get: - description: >- - Tells whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. - operationId: ascanViewOptionInjectPluginIdInHeader + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionFirefoxBinaryPath/: + get: + description: "Sets the current path to Firefox binary" + operationId: "seleniumActionSetOptionFirefoxBinaryPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionPromptInAttackMode/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionFirefoxDefaultProfile/: get: - description: >- - - operationId: ascanViewOptionPromptInAttackMode + description: "" + operationId: "seleniumActionSetOptionFirefoxDefaultProfile" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionPromptToClearFinishedScans/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionFirefoxDriverPath/: get: - description: >- - - operationId: ascanViewOptionPromptToClearFinishedScans + description: "Sets the current path to Firefox driver (geckodriver)" + operationId: "seleniumActionSetOptionFirefoxDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionRescanInAttackMode/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionIeDriverPath/: get: - description: >- - - operationId: ascanViewOptionRescanInAttackMode + description: "Option no longer in effective use." + deprecated: true + operationId: "seleniumActionSetOptionIeDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionScanHeadersAllRequests/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionLastDirectory/: get: - description: >- - Tells whether or not the HTTP Headers of all requests should be scanned. Not just requests that send parameters, through the query or request body. - operationId: ascanViewOptionScanHeadersAllRequests + description: "" + operationId: "seleniumActionSetOptionLastDirectory" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/view/optionShowAdvancedDialog/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/action/setOptionPhantomJsBinaryPath/: get: - description: >- - - operationId: ascanViewOptionShowAdvancedDialog + description: "Option no longer in effective use." + deprecated: true + operationId: "seleniumActionSetOptionPhantomJsBinaryPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/scan/: - get: - description: >- - Runs the active scanner against the given URL and/or Context. Optionally, the 'recurse' parameter can be used to scan URLs under the given URL, the parameter 'inScopeOnly' can be used to constrain the scan to URLs that are in scope (ignored if a Context is specified), the parameter 'scanPolicyName' allows to specify the scan policy (if none is given it uses the default scan policy), the parameters 'method' and 'postData' allow to select a given request in conjunction with the given URL. - operationId: ascanActionScan - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: inScopeOnly - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: method - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: postData - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: contextId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/scanAsUser/: - get: - description: >- - Active Scans from the perspective of a User, obtained using the given Context ID and User ID. See 'scan' action for more details. - operationId: ascanActionScanAsUser - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: contextId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - - name: recurse - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: method - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: postData - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/pause/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/selenium/view/getBrowserArguments/: get: - description: >- - - operationId: ascanActionPause + description: "Gets the browser arguments." + operationId: "seleniumViewGetBrowserArguments" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/resume/: + - name: "browser" + in: "query" + required: true + description: "The browser, chrome or firefox." + schema: + type: "string" + /JSON/selenium/view/optionBrowserExtensions/: get: - description: >- - - operationId: ascanActionResume + description: "" + operationId: "seleniumViewOptionBrowserExtensions" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/stop/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionChromeBinaryPath/: get: - description: >- - - operationId: ascanActionStop + description: "Returns the current path to Chrome binary" + operationId: "seleniumViewOptionChromeBinaryPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/removeScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionChromeDriverPath/: get: - description: >- - - operationId: ascanActionRemoveScan + description: "Returns the current path to ChromeDriver" + operationId: "seleniumViewOptionChromeDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/pauseAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionFirefoxBinaryPath/: get: - description: >- - - operationId: ascanActionPauseAllScans + description: "Returns the current path to Firefox binary" + operationId: "seleniumViewOptionFirefoxBinaryPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/resumeAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionFirefoxDefaultProfile/: get: - description: >- - - operationId: ascanActionResumeAllScans + description: "" + operationId: "seleniumViewOptionFirefoxDefaultProfile" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/stopAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionFirefoxDriverPath/: get: - description: >- - - operationId: ascanActionStopAllScans + description: "Returns the current path to Firefox driver (geckodriver)" + operationId: "seleniumViewOptionFirefoxDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/removeAllScans/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionIeDriverPath/: get: - description: >- - - operationId: ascanActionRemoveAllScans + description: "Option no longer in effective use." + deprecated: true + operationId: "seleniumViewOptionIeDriverPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/clearExcludedFromScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionLastDirectory/: get: - description: >- - Clears the regexes of URLs excluded from the active scans. - operationId: ascanActionClearExcludedFromScan + description: "" + operationId: "seleniumViewOptionLastDirectory" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ascan/action/excludeFromScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/selenium/view/optionPhantomJsBinaryPath/: get: - description: >- - Adds a regex of URLs that should be excluded from the active scans. - operationId: ascanActionExcludeFromScan + description: "Option no longer in effective use." + deprecated: true + operationId: "seleniumViewOptionPhantomJsBinaryPath" tags: - - ascan + - "selenium" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/enableAllScanners/: + $ref: "#/components/responses/ErrorJson" + /JSON/sessionManagement/action/setSessionManagementMethod/: + get: + description: "Sets the session management method for the context with the given\ + \ ID." + operationId: "sessionManagementActionSetSessionManagementMethod" + tags: + - "sessionManagement" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "methodName" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "methodConfigParams" + in: "query" + description: "" + schema: + type: "string" + /JSON/sessionManagement/view/getSessionManagementMethod/: get: - description: >- - Enables all scanners of the scan policy with the given name, or the default if none given. - operationId: ascanActionEnableAllScanners + description: "Gets the name of the session management method for the context\ + \ with the given ID." + operationId: "sessionManagementViewGetSessionManagementMethod" tags: - - ascan + - "sessionManagement" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/disableAllScanners/: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/sessionManagement/view/getSessionManagementMethodConfigParams/: get: - description: >- - Disables all scanners of the scan policy with the given name, or the default if none given. - operationId: ascanActionDisableAllScanners + description: "Gets the configuration parameters for the session management method\ + \ with the given name." + operationId: "sessionManagementViewGetSessionManagementMethodConfigParams" tags: - - ascan + - "sessionManagement" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/enableScanners/: - get: - description: >- - Enables the scanners with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. - operationId: ascanActionEnableScanners - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/disableScanners/: - get: - description: >- - Disables the scanners with the given IDs (comma separated list of IDs) of the scan policy with the given name, or the default if none given. - operationId: ascanActionDisableScanners - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setEnabledPolicies/: - get: - description: >- - - operationId: ascanActionSetEnabledPolicies - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: ids - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setPolicyAttackStrength/: - get: - description: >- - - operationId: ascanActionSetPolicyAttackStrength - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: attackStrength - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setPolicyAlertThreshold/: - get: - description: >- - - operationId: ascanActionSetPolicyAlertThreshold - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: alertThreshold - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setScannerAttackStrength/: - get: - description: >- - - operationId: ascanActionSetScannerAttackStrength - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: attackStrength - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setScannerAlertThreshold/: - get: - description: >- - - operationId: ascanActionSetScannerAlertThreshold - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: id - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: alertThreshold - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scanPolicyName - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/addScanPolicy/: + - name: "methodName" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/sessionManagement/view/getSupportedSessionManagementMethods/: get: - description: >- - - operationId: ascanActionAddScanPolicy - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanPolicyName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: alertThreshold - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: attackStrength - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/removeScanPolicy/: + description: "Gets the name of the session management methods." + operationId: "sessionManagementViewGetSupportedSessionManagementMethods" + tags: + - "sessionManagement" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/soap/action/importFile/: get: - description: >- - - operationId: ascanActionRemoveScanPolicy + description: "Import a WSDL definition from local file." + operationId: "soapActionImportFile" tags: - - ascan + - "soap" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scanPolicyName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/updateScanPolicy/: + - name: "file" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/soap/action/importUrl/: get: - description: >- - - operationId: ascanActionUpdateScanPolicy - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanPolicyName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: alertThreshold - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: attackStrength - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/importScanPolicy/: - get: - description: >- - Imports a Scan Policy using the given file system path. - operationId: ascanActionImportScanPolicy + description: "Import a WSDL definition from a URL." + operationId: "soapActionImportUrl" tags: - - ascan + - "soap" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: path - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/addExcludedParam/: - get: - description: >- - Adds a new parameter excluded from the scan, using the specified name. Optionally sets if the new entry applies to a specific URL (default, all URLs) and sets the ID of the type of the parameter (default, ID of any type). The type IDs can be obtained with the view excludedParamTypes. - operationId: ascanActionAddExcludedParam - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: name - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: type - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/modifyExcludedParam/: + - name: "url" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/addDomainAlwaysInScope/: get: - description: >- - Modifies a parameter excluded from the scan. Allows to modify the name, the URL and the type of parameter. The parameter is selected with its index, which can be obtained with the view excludedParams. - operationId: ascanActionModifyExcludedParam - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: name - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: type - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: url - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/removeExcludedParam/: + description: "Adds a new domain that's always in scope, using the specified\ + \ value. Optionally sets if the new entry is enabled (default, true) and whether\ + \ or not the new value is specified as a regex (default, false)." + operationId: "spiderActionAddDomainAlwaysInScope" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "value" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "isRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "isEnabled" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/action/clearExcludedFromScan/: get: - description: >- - Removes a parameter excluded from the scan, with the given index. The index can be obtained with the view excludedParams. - operationId: ascanActionRemoveExcludedParam + description: "Clears the regexes of URLs excluded from the spider scans." + operationId: "spiderActionClearExcludedFromScan" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: idx - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/skipScanner/: - get: - description: >- - Skips the scanner using the given IDs of the scan and the scanner. - operationId: ascanActionSkipScanner - tags: - - ascan - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scanId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: scannerId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionAttackPolicy/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/disableAllDomainsAlwaysInScope/: get: - description: >- - - operationId: ascanActionSetOptionAttackPolicy + description: "Disables all domains that are always in scope." + operationId: "spiderActionDisableAllDomainsAlwaysInScope" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionDefaultPolicy/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/enableAllDomainsAlwaysInScope/: get: - description: >- - - operationId: ascanActionSetOptionDefaultPolicy + description: "Enables all domains that are always in scope." + operationId: "spiderActionEnableAllDomainsAlwaysInScope" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionAddQueryParam/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/excludeFromScan/: get: - description: >- - Sets whether or not the active scanner should add a query param to GET requests which do not have parameters to start with. - operationId: ascanActionSetOptionAddQueryParam + description: "Adds a regex of URLs that should be excluded from the spider scans." + operationId: "spiderActionExcludeFromScan" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionAllowAttackOnStart/: + - name: "regex" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/modifyDomainAlwaysInScope/: + get: + description: "Modifies a domain that's always in scope. Allows to modify the\ + \ value, if enabled or if a regex. The domain is selected with its index,\ + \ which can be obtained with the view domainsAlwaysInScope." + operationId: "spiderActionModifyDomainAlwaysInScope" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "value" + in: "query" + description: "" + schema: + type: "string" + - name: "isRegex" + in: "query" + description: "" + schema: + type: "string" + - name: "isEnabled" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/action/pause/: get: - description: >- - - operationId: ascanActionSetOptionAllowAttackOnStart + description: "" + operationId: "spiderActionPause" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionDelayInMs/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/pauseAllScans/: get: - description: >- - - operationId: ascanActionSetOptionDelayInMs + description: "" + operationId: "spiderActionPauseAllScans" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionHandleAntiCSRFTokens/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/removeAllScans/: get: - description: >- - - operationId: ascanActionSetOptionHandleAntiCSRFTokens + description: "" + operationId: "spiderActionRemoveAllScans" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionHostPerScan/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/removeDomainAlwaysInScope/: get: - description: >- - - operationId: ascanActionSetOptionHostPerScan + description: "Removes a domain that's always in scope, with the given index.\ + \ The index can be obtained with the view domainsAlwaysInScope." + operationId: "spiderActionRemoveDomainAlwaysInScope" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionInjectPluginIdInHeader/: + - name: "idx" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/removeScan/: get: - description: >- - Sets whether or not the active scanner should inject the HTTP request header X-ZAP-Scan-ID, with the ID of the scanner that's sending the requests. - operationId: ascanActionSetOptionInjectPluginIdInHeader + description: "" + operationId: "spiderActionRemoveScan" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionMaxChartTimeInMins/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/resume/: get: - description: >- - - operationId: ascanActionSetOptionMaxChartTimeInMins + description: "" + operationId: "spiderActionResume" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionMaxResultsToList/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/resumeAllScans/: get: - description: >- - - operationId: ascanActionSetOptionMaxResultsToList + description: "" + operationId: "spiderActionResumeAllScans" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionMaxRuleDurationInMins/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/action/scan/: + get: + description: "Runs the spider against the given URL (or context). Optionally,\ + \ the 'maxChildren' parameter can be set to limit the number of children scanned,\ + \ the 'recurse' parameter can be used to prevent the spider from seeding recursively,\ + \ the parameter 'contextName' can be used to constrain the scan to a Context\ + \ and the parameter 'subtreeOnly' allows to restrict the spider under a site's\ + \ subtree (using the specified 'url')." + operationId: "spiderActionScan" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "maxChildren" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + - name: "contextName" + in: "query" + description: "" + schema: + type: "string" + - name: "subtreeOnly" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/action/scanAsUser/: + get: + description: "Runs the spider from the perspective of a User, obtained using\ + \ the given Context ID and User ID. See 'scan' action for more details." + operationId: "spiderActionScanAsUser" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "url" + in: "query" + description: "" + schema: + type: "string" + - name: "maxChildren" + in: "query" + description: "" + schema: + type: "string" + - name: "recurse" + in: "query" + description: "" + schema: + type: "string" + - name: "subtreeOnly" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/action/setOptionAcceptCookies/: get: - description: >- - - operationId: ascanActionSetOptionMaxRuleDurationInMins + description: "Sets whether or not a spider process should accept cookies while\ + \ spidering." + operationId: "spiderActionSetOptionAcceptCookies" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionMaxScanDurationInMins/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionHandleODataParametersVisited/: get: - description: >- - - operationId: ascanActionSetOptionMaxScanDurationInMins + description: "" + operationId: "spiderActionSetOptionHandleODataParametersVisited" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionMaxScansInUI/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionHandleParameters/: get: - description: >- - - operationId: ascanActionSetOptionMaxScansInUI + description: "" + operationId: "spiderActionSetOptionHandleParameters" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionPromptInAttackMode/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/setOptionMaxChildren/: get: - description: >- - - operationId: ascanActionSetOptionPromptInAttackMode + description: "Sets the maximum number of child nodes (per node) that can be\ + \ crawled, 0 means no limit." + operationId: "spiderActionSetOptionMaxChildren" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionPromptToClearFinishedScans/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionMaxDepth/: get: - description: >- - - operationId: ascanActionSetOptionPromptToClearFinishedScans + description: "Sets the maximum depth the spider can crawl, 0 for unlimited depth." + operationId: "spiderActionSetOptionMaxDepth" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionRescanInAttackMode/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionMaxDuration/: get: - description: >- - - operationId: ascanActionSetOptionRescanInAttackMode + description: "" + operationId: "spiderActionSetOptionMaxDuration" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionScanHeadersAllRequests/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionMaxParseSizeBytes/: get: - description: >- - Sets whether or not the HTTP Headers of all requests should be scanned. Not just requests that send parameters, through the query or request body. - operationId: ascanActionSetOptionScanHeadersAllRequests + description: "Sets the maximum size, in bytes, that a response might have to\ + \ be parsed. This allows the spider to skip big responses/files." + operationId: "spiderActionSetOptionMaxParseSizeBytes" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionShowAdvancedDialog/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionMaxScansInUI/: get: - description: >- - - operationId: ascanActionSetOptionShowAdvancedDialog + description: "" + operationId: "spiderActionSetOptionMaxScansInUI" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ascan/action/setOptionTargetParamsEnabledRPC/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionParseComments/: get: - description: >- - - operationId: ascanActionSetOptionTargetParamsEnabledRPC + description: "" + operationId: "spiderActionSetOptionParseComments" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionTargetParamsInjectable/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionParseDsStore/: get: - description: >- - - operationId: ascanActionSetOptionTargetParamsInjectable + description: "" + operationId: "spiderActionSetOptionParseDsStore" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ascan/action/setOptionThreadPerHost/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionParseGit/: get: - description: >- - - operationId: ascanActionSetOptionThreadPerHost + description: "" + operationId: "spiderActionSetOptionParseGit" tags: - - ascan + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/context/view/contextList/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionParseRobotsTxt/: get: - description: >- - List context names of current session - operationId: contextViewContextList + description: "" + operationId: "spiderActionSetOptionParseRobotsTxt" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/context/view/excludeRegexs/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionParseSVNEntries/: get: - description: >- - List excluded regexs for context - operationId: contextViewExcludeRegexs + description: "" + operationId: "spiderActionSetOptionParseSVNEntries" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/view/includeRegexs/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionParseSitemapXml/: get: - description: >- - List included regexs for context - operationId: contextViewIncludeRegexs + description: "" + operationId: "spiderActionSetOptionParseSitemapXml" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/view/context/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionPostForm/: get: - description: >- - List the information about the named context - operationId: contextViewContext + description: "" + operationId: "spiderActionSetOptionPostForm" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/view/technologyList/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionProcessForm/: get: - description: >- - Lists the names of all built in technologies - operationId: contextViewTechnologyList + description: "" + operationId: "spiderActionSetOptionProcessForm" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/context/view/includedTechnologyList/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionRequestWaitTime/: get: - description: >- - Lists the names of all technologies included in a context - operationId: contextViewIncludedTechnologyList + description: "" + operationId: "spiderActionSetOptionRequestWaitTime" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/view/excludedTechnologyList/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionSendRefererHeader/: get: - description: >- - Lists the names of all technologies excluded from a context - operationId: contextViewExcludedTechnologyList + description: "Sets whether or not the 'Referer' header should be sent while\ + \ spidering." + operationId: "spiderActionSetOptionSendRefererHeader" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/view/urls/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionShowAdvancedDialog/: get: - description: >- - Lists the URLs accessed through/by ZAP, that belong to the context with the given name. - operationId: contextViewUrls + description: "" + operationId: "spiderActionSetOptionShowAdvancedDialog" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/excludeFromContext/: - get: - description: >- - Add exclude regex to context - operationId: contextActionExcludeFromContext - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/includeInContext/: - get: - description: >- - Add include regex to context - operationId: contextActionIncludeInContext - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: regex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/setContextRegexs/: - get: - description: >- - Set the regexs to include and exclude for a context, both supplied as JSON string arrays - operationId: contextActionSetContextRegexs - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: incRegexs - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: excRegexs - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/newContext/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/spider/action/setOptionSkipURLString/: get: - description: >- - Creates a new context with the given name in the current session - operationId: contextActionNewContext + description: "" + operationId: "spiderActionSetOptionSkipURLString" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/removeContext/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/setOptionThreadCount/: get: - description: >- - Removes a context in the current session - operationId: contextActionRemoveContext + description: "" + operationId: "spiderActionSetOptionThreadCount" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/exportContext/: - get: - description: >- - Exports the context with the given name to a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir. - operationId: contextActionExportContext - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: contextFile - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/importContext/: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/spider/action/setOptionUserAgent/: get: - description: >- - Imports a context from a file. If a relative file path is specified it will be resolved against the "contexts" directory in ZAP "home" dir. - operationId: contextActionImportContext + description: "" + operationId: "spiderActionSetOptionUserAgent" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextFile - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/includeContextTechnologies/: - get: - description: >- - Includes technologies with the given names, separated by a comma, to a context - operationId: contextActionIncludeContextTechnologies - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: technologyNames - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/includeAllContextTechnologies/: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/action/stop/: get: - description: >- - Includes all built in technologies in to a context - operationId: contextActionIncludeAllContextTechnologies + description: "" + operationId: "spiderActionStop" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/excludeContextTechnologies/: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/action/stopAllScans/: get: - description: >- - Excludes technologies with the given names, separated by a comma, from a context - operationId: contextActionExcludeContextTechnologies - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: technologyNames - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/excludeAllContextTechnologies/: + description: "" + operationId: "spiderActionStopAllScans" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/addedNodes/: get: - description: >- - Excludes all built in technologies from a context - operationId: contextActionExcludeAllContextTechnologies + description: "Returns a list of the names of the nodes added to the Sites tree\ + \ by the specified scan." + operationId: "spiderViewAddedNodes" tags: - - context + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/context/action/setContextInScope/: - get: - description: >- - Sets a context to in scope (contexts are in scope by default) - operationId: contextActionSetContextInScope - tags: - - context - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: booleanInScope - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/httpSessions/view/sites/: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/view/allUrls/: get: - description: >- - Gets all of the sites that have sessions. - operationId: httpSessionsViewSites + description: "Returns a list of unique URLs from the history table based on\ + \ HTTP messages added by the Spider." + operationId: "spiderViewAllUrls" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/httpSessions/view/sessions/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/domainsAlwaysInScope/: get: - description: >- - Gets the sessions for the given site. Optionally returning just the session with the given name. - operationId: httpSessionsViewSessions - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: session - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/view/activeSession/: + description: "Gets all the domains that are always in scope. For each domain\ + \ the following are shown: the index, the value (domain), if enabled, and\ + \ if specified as a regex." + operationId: "spiderViewDomainsAlwaysInScope" + tags: + - "spider" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/excludedFromScan/: get: - description: >- - Gets the name of the active session for the given site. - operationId: httpSessionsViewActiveSession + description: "Gets the regexes of URLs excluded from the spider scans." + operationId: "spiderViewExcludedFromScan" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/view/sessionTokens/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/fullResults/: get: - description: >- - Gets the names of the session tokens for the given site. - operationId: httpSessionsViewSessionTokens + description: "" + operationId: "spiderViewFullResults" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/view/defaultSessionTokens/: + - name: "scanId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/spider/view/optionAcceptCookies/: get: - description: >- - Gets the default session tokens. - operationId: httpSessionsViewDefaultSessionTokens + description: "Gets whether or not a spider process should accept cookies while\ + \ spidering." + operationId: "spiderViewOptionAcceptCookies" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/httpSessions/action/createEmptySession/: - get: - description: >- - Creates an empty session for the given site. Optionally with the given name. - operationId: httpSessionsActionCreateEmptySession - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: session - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/removeSession/: - get: - description: >- - Removes the session from the given site. - operationId: httpSessionsActionRemoveSession - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: session - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/setActiveSession/: - get: - description: >- - Sets the given session as active for the given site. - operationId: httpSessionsActionSetActiveSession - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: session - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/unsetActiveSession/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionDomainsAlwaysInScope/: get: - description: >- - Unsets the active session of the given site. - operationId: httpSessionsActionUnsetActiveSession + description: "Use view domainsAlwaysInScope instead." + deprecated: true + operationId: "spiderViewOptionDomainsAlwaysInScope" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/addSessionToken/: - get: - description: >- - Adds the session token to the given site. - operationId: httpSessionsActionAddSessionToken - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/removeSessionToken/: - get: - description: >- - Removes the session token from the given site. - operationId: httpSessionsActionRemoveSessionToken - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/setSessionTokenValue/: - get: - description: >- - Sets the value of the session token of the given session for the given site. - operationId: httpSessionsActionSetSessionTokenValue - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: session - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: tokenValue - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/renameSession/: - get: - description: >- - Renames the session of the given site. - operationId: httpSessionsActionRenameSession - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: oldSessionName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: newSessionName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/addDefaultSessionToken/: - get: - description: >- - Adds a default session token with the given name and enabled state. - operationId: httpSessionsActionAddDefaultSessionToken - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: tokenEnabled - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/setDefaultSessionTokenEnabled/: - get: - description: >- - Sets whether or not the default session token with the given name is enabled. - operationId: httpSessionsActionSetDefaultSessionTokenEnabled - tags: - - httpSessions - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: tokenEnabled - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/httpSessions/action/removeDefaultSessionToken/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionDomainsAlwaysInScopeEnabled/: get: - description: >- - Removes the default session token with the given name. - operationId: httpSessionsActionRemoveDefaultSessionToken + description: "Use view domainsAlwaysInScope instead." + deprecated: true + operationId: "spiderViewOptionDomainsAlwaysInScopeEnabled" tags: - - httpSessions + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: sessionToken - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/break/view/isBreakAll/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionHandleODataParametersVisited/: get: - description: >- - Returns True if ZAP will break on both requests and responses - operationId: breakViewIsBreakAll + description: "" + operationId: "spiderViewOptionHandleODataParametersVisited" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/view/isBreakRequest/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionHandleParameters/: get: - description: >- - Returns True if ZAP will break on requests - operationId: breakViewIsBreakRequest + description: "" + operationId: "spiderViewOptionHandleParameters" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/view/isBreakResponse/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionMaxChildren/: get: - description: >- - Returns True if ZAP will break on responses - operationId: breakViewIsBreakResponse + description: "Gets the maximum number of child nodes (per node) that can be\ + \ crawled, 0 means no limit." + operationId: "spiderViewOptionMaxChildren" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/view/httpMessage/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionMaxDepth/: get: - description: >- - Returns the HTTP message currently intercepted (if any) - operationId: breakViewHttpMessage + description: "Gets the maximum depth the spider can crawl, 0 if unlimited." + operationId: "spiderViewOptionMaxDepth" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/action/break/: - get: - description: >- - Controls the global break functionality. The type may be one of: http-all, http-request or http-response. The state may be true (for turning break on for the specified type) or false (for turning break off). Scope is not currently used. - operationId: breakActionBreak - tags: - - break - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: type - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: state - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scope - in: query - required: false - deprecated: true - description: "" - schema: - type: string - /JSON/break/action/setHttpMessage/: - get: - description: >- - Overwrites the currently intercepted message with the data provided - operationId: breakActionSetHttpMessage - tags: - - break - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: httpHeader - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: httpBody - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/break/action/continue/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionMaxDuration/: get: - description: >- - Submits the currently intercepted message and unsets the global request/response break points - operationId: breakActionContinue + description: "" + operationId: "spiderViewOptionMaxDuration" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/action/step/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionMaxParseSizeBytes/: get: - description: >- - Submits the currently intercepted message, the next request or response will automatically be intercepted - operationId: breakActionStep + description: "Gets the maximum size, in bytes, that a response might have to\ + \ be parsed." + operationId: "spiderViewOptionMaxParseSizeBytes" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/action/drop/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionMaxScansInUI/: get: - description: >- - Drops the currently intercepted message - operationId: breakActionDrop + description: "" + operationId: "spiderViewOptionMaxScansInUI" tags: - - break + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/break/action/addHttpBreakpoint/: - get: - description: >- - Adds a custom HTTP breakpoint. The string is the string to match. Location may be one of: url, request_header, request_body, response_header or response_body. Match may be: contains or regex. Inverse (match) may be true or false. Lastly, ignorecase (when matching the string) may be true or false. - operationId: breakActionAddHttpBreakpoint - tags: - - break - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: string - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: location - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: match - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: inverse - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - - name: ignorecase - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/break/action/removeHttpBreakpoint/: - get: - description: >- - Removes the specified break point - operationId: breakActionRemoveHttpBreakpoint - tags: - - break - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: string - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: location - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: match - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: inverse - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - - name: ignorecase - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/authentication/view/getSupportedAuthenticationMethods/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseComments/: get: - description: >- - Gets the name of the authentication methods. - operationId: authenticationViewGetSupportedAuthenticationMethods + description: "" + operationId: "spiderViewOptionParseComments" tags: - - authentication + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/authentication/view/getAuthenticationMethodConfigParams/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseDsStore/: get: - description: >- - Gets the configuration parameters for the authentication method with the given name. - operationId: authenticationViewGetAuthenticationMethodConfigParams + description: "" + operationId: "spiderViewOptionParseDsStore" tags: - - authentication + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: authMethodName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/authentication/view/getAuthenticationMethod/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseGit/: get: - description: >- - Gets the name of the authentication method for the context with the given ID. - operationId: authenticationViewGetAuthenticationMethod + description: "" + operationId: "spiderViewOptionParseGit" tags: - - authentication + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/authentication/view/getLoggedInIndicator/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseRobotsTxt/: get: - description: >- - Gets the logged in indicator for the context with the given ID. - operationId: authenticationViewGetLoggedInIndicator + description: "" + operationId: "spiderViewOptionParseRobotsTxt" tags: - - authentication + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/authentication/view/getLoggedOutIndicator/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseSVNEntries/: get: - description: >- - Gets the logged out indicator for the context with the given ID. - operationId: authenticationViewGetLoggedOutIndicator + description: "" + operationId: "spiderViewOptionParseSVNEntries" tags: - - authentication + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/authentication/action/setAuthenticationMethod/: - get: - description: >- - Sets the authentication method for the context with the given ID. - operationId: authenticationActionSetAuthenticationMethod - tags: - - authentication - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: authMethodName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: authMethodConfigParams - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/authentication/action/setLoggedInIndicator/: - get: - description: >- - Sets the logged in indicator for the context with the given ID. - operationId: authenticationActionSetLoggedInIndicator - tags: - - authentication - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: loggedInIndicatorRegex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/authentication/action/setLoggedOutIndicator/: - get: - description: >- - Sets the logged out indicator for the context with the given ID. - operationId: authenticationActionSetLoggedOutIndicator - tags: - - authentication - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: loggedOutIndicatorRegex - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/authorization/view/getAuthorizationDetectionMethod/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionParseSitemapXml/: get: - description: >- - Obtains all the configuration of the authorization detection method that is currently set for a context. - operationId: authorizationViewGetAuthorizationDetectionMethod + description: "" + operationId: "spiderViewOptionParseSitemapXml" tags: - - authorization + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/authorization/action/setBasicAuthorizationDetectionMethod/: - get: - description: >- - Sets the authorization detection method for a context as one that identifies un-authorized messages based on: the message's status code or a regex pattern in the response's header or body. Also, whether all conditions must match or just some can be specified via the logicalOperator parameter, which accepts two values: "AND" (default), "OR". - operationId: authorizationActionSetBasicAuthorizationDetectionMethod - tags: - - authorization - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: headerRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: bodyRegex - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: statusCode - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: logicalOperator - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/localProxies/view/additionalProxies/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionPostForm/: get: - description: >- - Gets all of the additional proxies that have been configured. - operationId: localProxiesViewAdditionalProxies + description: "" + operationId: "spiderViewOptionPostForm" tags: - - localProxies + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/localProxies/action/addAdditionalProxy/: - get: - description: >- - Adds an new proxy using the details supplied. - operationId: localProxiesActionAddAdditionalProxy - tags: - - localProxies - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: address - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: port - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: behindNat - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: alwaysDecodeZip - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - - name: removeUnsupportedEncodings - in: query - required: false - deprecated: false - description: "" - schema: - type: boolean - /JSON/localProxies/action/removeAdditionalProxy/: - get: - description: >- - Removes the additional proxy with the specified address and port. - operationId: localProxiesActionRemoveAdditionalProxy - tags: - - localProxies - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: address - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: port - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/ruleConfig/view/ruleConfigValue/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionProcessForm/: get: - description: >- - Show the specified rule configuration - operationId: ruleConfigViewRuleConfigValue + description: "" + operationId: "spiderViewOptionProcessForm" tags: - - ruleConfig + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: key - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ruleConfig/view/allRuleConfigs/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionRequestWaitTime/: get: - description: >- - Show all of the rule configurations - operationId: ruleConfigViewAllRuleConfigs + description: "" + operationId: "spiderViewOptionRequestWaitTime" tags: - - ruleConfig + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ruleConfig/action/resetRuleConfigValue/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionSendRefererHeader/: get: - description: >- - Reset the specified rule configuration, which must already exist - operationId: ruleConfigActionResetRuleConfigValue + description: "Gets whether or not the 'Referer' header should be sent while\ + \ spidering." + operationId: "spiderViewOptionSendRefererHeader" tags: - - ruleConfig + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: key - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/ruleConfig/action/resetAllRuleConfigValues/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionShowAdvancedDialog/: get: - description: >- - Reset all of the rule configurations - operationId: ruleConfigActionResetAllRuleConfigValues + description: "" + operationId: "spiderViewOptionShowAdvancedDialog" tags: - - ruleConfig + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/ruleConfig/action/setRuleConfigValue/: - get: - description: >- - Set the specified rule configuration, which must already exist - operationId: ruleConfigActionSetRuleConfigValue - tags: - - ruleConfig - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: key - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: value - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/sessionManagement/view/getSupportedSessionManagementMethods/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionSkipURLString/: get: - description: >- - Gets the name of the session management methods. - operationId: sessionManagementViewGetSupportedSessionManagementMethods + description: "" + operationId: "spiderViewOptionSkipURLString" tags: - - sessionManagement + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/sessionManagement/view/getSessionManagementMethodConfigParams/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionThreadCount/: get: - description: >- - Gets the configuration parameters for the session management method with the given name. - operationId: sessionManagementViewGetSessionManagementMethodConfigParams + description: "" + operationId: "spiderViewOptionThreadCount" tags: - - sessionManagement + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: methodName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/sessionManagement/view/getSessionManagementMethod/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/optionUserAgent/: get: - description: >- - Gets the name of the session management method for the context with the given ID. - operationId: sessionManagementViewGetSessionManagementMethod + description: "" + operationId: "spiderViewOptionUserAgent" tags: - - sessionManagement + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/sessionManagement/action/setSessionManagementMethod/: - get: - description: >- - Sets the session management method for the context with the given ID. - operationId: sessionManagementActionSetSessionManagementMethod - tags: - - sessionManagement - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: methodName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: methodConfigParams - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/users/view/usersList/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/results/: get: - description: >- - Gets a list of users that belong to the context with the given ID, or all users if none provided. - operationId: usersViewUsersList + description: "" + operationId: "spiderViewResults" tags: - - users + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextId - in: query - required: false - deprecated: false - description: "" - schema: - type: integer - /JSON/users/view/getUserById/: - get: - description: >- - Gets the data of the user with the given ID that belongs to the context with the given ID. - operationId: usersViewGetUserById - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/users/view/getAuthenticationCredentialsConfigParams/: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/spider/view/scans/: get: - description: >- - Gets the configuration parameters for the credentials of the context with the given ID. - operationId: usersViewGetAuthenticationCredentialsConfigParams + description: "" + operationId: "spiderViewScans" tags: - - users + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/users/view/getAuthenticationCredentials/: - get: - description: >- - Gets the authentication credentials of the user with given ID that belongs to the context with the given ID. - operationId: usersViewGetAuthenticationCredentials - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/users/action/newUser/: - get: - description: >- - Creates a new user with the given name for the context with the given ID. - operationId: usersActionNewUser - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: name - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/users/action/removeUser/: - get: - description: >- - Removes the user with the given ID that belongs to the context with the given ID. - operationId: usersActionRemoveUser - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/users/action/setUserEnabled/: - get: - description: >- - Sets whether or not the user, with the given ID that belongs to the context with the given ID, should be enabled. - operationId: usersActionSetUserEnabled - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: enabled - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/users/action/setUserName/: - get: - description: >- - Renames the user with the given ID that belongs to the context with the given ID. - operationId: usersActionSetUserName - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: name - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/users/action/setAuthenticationCredentials/: - get: - description: >- - Sets the authentication credentials for the user with the given ID that belongs to the context with the given ID. - operationId: usersActionSetAuthenticationCredentials - tags: - - users - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: authCredentialsConfigParams - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/forcedUser/view/isForcedUserModeEnabled/: + $ref: "#/components/responses/ErrorJson" + /JSON/spider/view/status/: get: - description: >- - Returns 'true' if 'forced user' mode is enabled, 'false' otherwise - operationId: forcedUserViewIsForcedUserModeEnabled + description: "" + operationId: "spiderViewStatus" tags: - - forcedUser + - "spider" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/forcedUser/view/getForcedUser/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "scanId" + in: "query" + description: "" + schema: + type: "string" + /JSON/stats/action/clearStats/: get: - description: >- - Gets the user (ID) set as 'forced user' for the given context (ID) - operationId: forcedUserViewGetForcedUser + description: "Clears all of the statistics" + operationId: "statsActionClearStats" tags: - - forcedUser + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/forcedUser/action/setForcedUser/: - get: - description: >- - Sets the user (ID) that should be used in 'forced user' mode for the given context (ID) - operationId: forcedUserActionSetForcedUser - tags: - - forcedUser - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: contextId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - - name: userId - in: query - required: true - deprecated: false - description: "" - schema: - type: integer - /JSON/forcedUser/action/setForcedUserModeEnabled/: + - name: "keyPrefix" + in: "query" + description: "" + schema: + type: "string" + /JSON/stats/action/setOptionInMemoryEnabled/: get: - description: >- - Sets if 'forced user' mode should be enabled or not - operationId: forcedUserActionSetForcedUserModeEnabled + description: "Sets whether in memory statistics are enabled" + operationId: "statsActionSetOptionInMemoryEnabled" tags: - - forcedUser + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: boolean - /JSON/script/view/listEngines/: + - name: "Boolean" + in: "query" + required: true + description: "" + schema: + type: "boolean" + /JSON/stats/action/setOptionStatsdHost/: get: - description: >- - Lists the script engines available - operationId: scriptViewListEngines + description: "Sets the Statsd service hostname, supply an empty string to stop\ + \ using a Statsd service" + operationId: "statsActionSetOptionStatsdHost" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/script/view/listTypes/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/stats/action/setOptionStatsdPort/: get: - description: >- - Lists the script types available. - operationId: scriptViewListTypes + description: "Sets the Statsd service port" + operationId: "statsActionSetOptionStatsdPort" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/script/view/listScripts/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "Integer" + in: "query" + required: true + description: "" + schema: + type: "integer" + /JSON/stats/action/setOptionStatsdPrefix/: get: - description: >- - Lists the scripts available, with its engine, name, description, type and error state. - operationId: scriptViewListScripts + description: "Sets the prefix to be applied to all stats sent to the configured\ + \ Statsd service" + operationId: "statsActionSetOptionStatsdPrefix" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/script/view/globalVar/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "String" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/stats/view/allSitesStats/: get: - description: >- - Gets the value of the global variable with the given key. Returns an API error (DOES_NOT_EXIST) if no value was previously set. - operationId: scriptViewGlobalVar + description: "Gets all of the site based statistics, optionally filtered by\ + \ a key prefix" + operationId: "statsViewAllSitesStats" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/view/globalVars/: + - name: "keyPrefix" + in: "query" + description: "" + schema: + type: "string" + /JSON/stats/view/optionInMemoryEnabled/: get: - description: >- - Gets all the global variables (key/value pairs). - operationId: scriptViewGlobalVars + description: "Returns 'true' if in memory statistics are enabled, otherwise\ + \ returns 'false'" + operationId: "statsViewOptionInMemoryEnabled" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/script/view/scriptVar/: - get: - description: >- - Gets the value of the variable with the given key for the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists or if no value was previously set. - operationId: scriptViewScriptVar - tags: - - script - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/view/scriptVars/: + $ref: "#/components/responses/ErrorJson" + /JSON/stats/view/optionStatsdEnabled/: get: - description: >- - Gets all the variables (key/value pairs) of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. - operationId: scriptViewScriptVars + description: "Returns 'true' if a Statsd server has been correctly configured,\ + \ otherwise returns 'false'" + operationId: "statsViewOptionStatsdEnabled" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/enable/: + $ref: "#/components/responses/ErrorJson" + /JSON/stats/view/optionStatsdHost/: get: - description: >- - Enables the script with the given name - operationId: scriptActionEnable + description: "Gets the Statsd service hostname" + operationId: "statsViewOptionStatsdHost" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/disable/: + $ref: "#/components/responses/ErrorJson" + /JSON/stats/view/optionStatsdPort/: get: - description: >- - Disables the script with the given name - operationId: scriptActionDisable + description: "Gets the Statsd service port" + operationId: "statsViewOptionStatsdPort" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/load/: - get: - description: >- - Loads a script into ZAP from the given local file, with the given name, type and engine, optionally with a description, and a charset name to read the script (the charset name is required if the script is not in UTF-8, for example, in ISO-8859-1). - operationId: scriptActionLoad - tags: - - script - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scriptType - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scriptEngine - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: fileName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: scriptDescription - in: query - required: false - deprecated: false - description: "" - schema: - type: string - - name: charset - in: query - required: false - deprecated: false - description: "" - schema: - type: string - default: "UTF-8" - /JSON/script/action/remove/: + $ref: "#/components/responses/ErrorJson" + /JSON/stats/view/optionStatsdPrefix/: get: - description: >- - Removes the script with the given name - operationId: scriptActionRemove + description: "Gets the prefix to be applied to all stats sent to the configured\ + \ Statsd service" + operationId: "statsViewOptionStatsdPrefix" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/runStandAloneScript/: + $ref: "#/components/responses/ErrorJson" + /JSON/stats/view/siteStats/: get: - description: >- - Runs the stand alone script with the given name - operationId: scriptActionRunStandAloneScript + description: "Gets all of the global statistics, optionally filtered by a key\ + \ prefix" + operationId: "statsViewSiteStats" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/clearGlobalVar/: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "keyPrefix" + in: "query" + description: "" + schema: + type: "string" + /JSON/stats/view/stats/: get: - description: >- - Clears the global variable with the given key. - operationId: scriptActionClearGlobalVar + description: "Statistics" + operationId: "statsViewStats" tags: - - script + - "stats" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/clearGlobalVars/: + - name: "keyPrefix" + in: "query" + description: "" + schema: + type: "string" + /JSON/users/action/authenticateAsUser/: get: - description: >- - Clears the global variables. - operationId: scriptActionClearGlobalVars + description: "Tries to authenticate as the identified user, returning the authentication\ + \ request and whether it appears to have succeeded." + operationId: "usersActionAuthenticateAsUser" tags: - - script + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/script/action/clearScriptVar/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/action/newUser/: get: - description: >- - Clears the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. - operationId: scriptActionClearScriptVar - tags: - - script - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/clearScriptVars/: + description: "Creates a new user with the given name for the context with the\ + \ given ID." + operationId: "usersActionNewUser" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "name" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/users/action/pollAsUser/: + get: + description: "Tries to poll as the identified user, returning the authentication\ + \ request and whether it appears to have succeeded. This will only work if\ + \ the polling verification strategy has been configured." + operationId: "usersActionPollAsUser" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/action/removeUser/: get: - description: >- - Clears the variables of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. - operationId: scriptActionClearScriptVars + description: "Removes the user with the given ID that belongs to the context\ + \ with the given ID." + operationId: "usersActionRemoveUser" tags: - - script + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/setScriptVar/: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/action/setAuthenticationCredentials/: get: - description: >- - Sets the value of the variable with the given key of the given script. Returns an API error (DOES_NOT_EXIST) if no script with the given name exists. - operationId: scriptActionSetScriptVar - tags: - - script - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: scriptName - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: varValue - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/script/action/setGlobalVar/: + description: "Sets the authentication credentials for the user with the given\ + \ ID that belongs to the context with the given ID." + operationId: "usersActionSetAuthenticationCredentials" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + - name: "authCredentialsConfigParams" + in: "query" + description: "" + schema: + type: "string" + /JSON/users/action/setAuthenticationState/: + get: + description: "Sets fields in the authentication state for the user identified\ + \ by the Context and User Ids." + operationId: "usersActionSetAuthenticationState" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + - name: "lastPollResult" + in: "query" + description: "Last Poll Result - optional, should be 'true' or 'false'." + schema: + type: "string" + - name: "lastPollTimeInMs" + in: "query" + description: "Last Poll Time in Milliseconds - optional, should be a long or\ + \ 'NOW' for the current time in ms." + schema: + type: "string" + - name: "requestsSinceLastPoll" + in: "query" + description: "Requests Since Last Poll - optional, should be an integer." + schema: + type: "string" + /JSON/users/action/setCookie/: + get: + description: "Sets the specified cookie for the user identified by the Context\ + \ and User Ids." + operationId: "usersActionSetCookie" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + - name: "domain" + in: "query" + required: true + description: "The Cookie Domain" + schema: + type: "string" + - name: "name" + in: "query" + required: true + description: "The Cookie Name" + schema: + type: "string" + - name: "value" + in: "query" + required: true + description: "The Cookie Value" + schema: + type: "string" + - name: "path" + in: "query" + description: "The Cookie Path - optional default no path" + schema: + type: "string" + - name: "secure" + in: "query" + description: "If the Cookie is secure - optional default false" + schema: + type: "string" + /JSON/users/action/setUserEnabled/: get: - description: >- - Sets the value of the global variable with the given key. - operationId: scriptActionSetGlobalVar - tags: - - script - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: varKey - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: varValue - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/stats/view/stats/: + description: "Sets whether or not the user, with the given ID that belongs to\ + \ the context with the given ID, should be enabled." + operationId: "usersActionSetUserEnabled" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + - name: "enabled" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/users/action/setUserName/: + get: + description: "Renames the user with the given ID that belongs to the context\ + \ with the given ID." + operationId: "usersActionSetUserName" + tags: + - "users" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + - name: "name" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/users/view/getAuthenticationCredentials/: get: - description: >- - Statistics - operationId: statsViewStats + description: "Gets the authentication credentials of the user with given ID\ + \ that belongs to the context with the given ID." + operationId: "usersViewGetAuthenticationCredentials" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: keyPrefix - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/stats/view/allSitesStats/: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "the User ID" + schema: + type: "string" + /JSON/users/view/getAuthenticationCredentialsConfigParams/: get: - description: >- - Gets all of the site based statistics, optionally filtered by a key prefix - operationId: statsViewAllSitesStats + description: "Gets the configuration parameters for the credentials of the context\ + \ with the given ID." + operationId: "usersViewGetAuthenticationCredentialsConfigParams" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: keyPrefix - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/stats/view/siteStats/: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + /JSON/users/view/getAuthenticationSession/: get: - description: >- - Gets all of the global statistics, optionally filtered by a key prefix - operationId: statsViewSiteStats - tags: - - stats - responses: - default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: site - in: query - required: true - deprecated: false - description: "" - schema: - type: string - - name: keyPrefix - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/stats/view/optionStatsdHost/: - get: - description: >- - Gets the Statsd service hostname - operationId: statsViewOptionStatsdHost + description: "Gets the authentication session information for the user identified\ + \ by the Context and User Ids, e.g. cookies and realm credentials." + operationId: "usersViewGetAuthenticationSession" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/stats/view/optionStatsdPort/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/view/getAuthenticationState/: get: - description: >- - Gets the Statsd service port - operationId: statsViewOptionStatsdPort + description: "Gets the authentication state information for the user identified\ + \ by the Context and User Ids." + operationId: "usersViewGetAuthenticationState" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/stats/view/optionStatsdPrefix/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/view/getUserById/: get: - description: >- - Gets the prefix to be applied to all stats sent to the configured Statsd service - operationId: statsViewOptionStatsdPrefix + description: "Gets the data of the user with the given ID that belongs to the\ + \ context with the given ID." + operationId: "usersViewGetUserById" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/stats/view/optionInMemoryEnabled/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + required: true + description: "The Context ID" + schema: + type: "string" + - name: "userId" + in: "query" + required: true + description: "The User ID" + schema: + type: "string" + /JSON/users/view/usersList/: get: - description: >- - Returns 'true' if in memory statistics are enabled, otherwise returns 'false' - operationId: statsViewOptionInMemoryEnabled + description: "Gets a list of users that belong to the context with the given\ + \ ID, or all users if none provided." + operationId: "usersViewUsersList" tags: - - stats + - "users" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/stats/view/optionStatsdEnabled/: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "contextId" + in: "query" + description: "The Context ID" + schema: + type: "string" + /JSON/wappalyzer/view/listAll/: get: - description: >- - Returns 'true' if a Statsd server has been correctly configured, otherwise returns 'false' - operationId: statsViewOptionStatsdEnabled + description: "Lists all sites and their associated applications (technologies)." + operationId: "wappalyzerViewListAll" tags: - - stats + - "wappalyzer" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - /JSON/stats/action/clearStats/: + $ref: "#/components/responses/ErrorJson" + /JSON/wappalyzer/view/listSite/: get: - description: >- - Clears all of the statistics - operationId: statsActionClearStats + description: "Lists all the applications (technologies) associated with a specific\ + \ site." + operationId: "wappalyzerViewListSite" tags: - - stats + - "wappalyzer" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: keyPrefix - in: query - required: false - deprecated: false - description: "" - schema: - type: string - /JSON/stats/action/setOptionStatsdHost/: + - name: "site" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/wappalyzer/view/listSites/: get: - description: >- - Sets the Statsd service hostname, supply an empty string to stop using a Statsd service - operationId: statsActionSetOptionStatsdHost + description: "Lists all the sites recognized by the wappalyzer addon." + operationId: "wappalyzerViewListSites" tags: - - stats + - "wappalyzer" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/stats/action/setOptionStatsdPrefix/: + $ref: "#/components/responses/ErrorJson" + /JSON/websocket/action/sendTextMessage/: get: - description: >- - Sets the prefix to be applied to all stats sent to the configured Statsd service - operationId: statsActionSetOptionStatsdPrefix + description: "Sends the specified message on the channel specified by channelId,\ + \ if outgoing is 'True' then the message will be sent to the server and if\ + \ it is 'False' then it will be sent to the client" + operationId: "websocketActionSendTextMessage" tags: - - stats + - "websocket" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: String - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/stats/action/setOptionInMemoryEnabled/: + - name: "channelId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "outgoing" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "message" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/websocket/action/setBreakTextMessage/: get: - description: >- - Sets whether in memory statistics are enabled - operationId: statsActionSetOptionInMemoryEnabled + description: "Sets the text message for an intercepted websockets message" + operationId: "websocketActionSetBreakTextMessage" tags: - - stats + - "websocket" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" + $ref: "#/components/responses/ErrorJson" parameters: - - name: Boolean - in: query - required: true - deprecated: false - description: "" - schema: - type: string - /JSON/stats/action/setOptionStatsdPort/: + - name: "message" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "outgoing" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/websocket/view/breakTextMessage/: get: - description: >- - Sets the Statsd service port - operationId: statsActionSetOptionStatsdPort + description: "Returns a text representation of an intercepted websockets message" + operationId: "websocketViewBreakTextMessage" tags: - - stats + - "websocket" responses: default: - description: unexpected error - content: - application/json: - schema: - $ref: "#/components/schemas/Error" - parameters: - - name: Integer - in: query - required: true - deprecated: false - description: "" - schema: - type: integer + $ref: "#/components/responses/ErrorJson" + /JSON/websocket/view/channels/: + get: + description: "Returns all of the registered web socket channels" + operationId: "websocketViewChannels" + tags: + - "websocket" + responses: + default: + $ref: "#/components/responses/ErrorJson" + /JSON/websocket/view/message/: + get: + description: "Returns full details of the message specified by the channelId\ + \ and messageId" + operationId: "websocketViewMessage" + tags: + - "websocket" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "channelId" + in: "query" + required: true + description: "" + schema: + type: "string" + - name: "messageId" + in: "query" + required: true + description: "" + schema: + type: "string" + /JSON/websocket/view/messages/: + get: + description: "Returns a list of all of the messages that meet the given criteria\ + \ (all optional), where channelId is a channel identifier, start is the offset\ + \ to start returning messages from (starting from 0), count is the number\ + \ of messages to return (default no limit) and payloadPreviewLength is the\ + \ maximum number bytes to return for the payload contents" + operationId: "websocketViewMessages" + tags: + - "websocket" + responses: + default: + $ref: "#/components/responses/ErrorJson" + parameters: + - name: "channelId" + in: "query" + description: "" + schema: + type: "string" + - name: "start" + in: "query" + description: "" + schema: + type: "string" + - name: "count" + in: "query" + description: "" + schema: + type: "string" + - name: "payloadPreviewLength" + in: "query" + description: "" + schema: + type: "string"