-
-
Notifications
You must be signed in to change notification settings - Fork 709
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
scan rules: Clean code tweaks #5541
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Have only gone through the first few files for now. Will gradually look through the others :).
.../ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/ExternalRedirectScanRule.java
Outdated
Show resolved
Hide resolved
...ns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/BufferOverflowScanRule.java
Outdated
Show resolved
Hide resolved
addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/FormatStringScanRule.java
Outdated
Show resolved
Hide resolved
18cb8bf
to
6992ece
Compare
Addressed those comments and rebased current (to fix the conflict). |
Spoke about this on slack. Will reduce this one to just address static modifiers. Then tackle start/stop logging, and javadoc/comments separately. |
e72546c
to
ac1cd1f
Compare
ac1cd1f
to
5b199c9
Compare
Rebased current |
...Alpha/src/main/java/org/zaproxy/zap/extension/ascanrulesAlpha/ExampleFileActiveScanRule.java
Outdated
Show resolved
Hide resolved
...ulesBeta/src/main/java/org/zaproxy/zap/extension/ascanrulesBeta/ProxyDisclosureScanRule.java
Outdated
Show resolved
Hide resolved
addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/BigRedirectsScanRule.java
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm fine adding the statics. But removing the get* methods means the script which generates the alert pages will not be able to extract the info.
Thats fine if the rules have example alerts, but the ones I looked at did not :(
97eff58
to
114347c
Compare
Adjusted. |
114347c
to
2c98a32
Compare
Rebased current |
Is this waiting on me to add example alerts to the example rules? |
ascanrulesAlpha now also includes example alerts on example rules. pscanrulesAlpha were previously done. |
db71a9c
to
84720db
Compare
...a/src/main/resources/org/zaproxy/zap/extension/ascanrulesAlpha/resources/Messages.properties
Outdated
Show resolved
Hide resolved
cb67b5d
to
ac0cded
Compare
...rules/src/main/java/org/zaproxy/zap/extension/pscanrules/InsecureAuthenticationScanRule.java
Outdated
Show resolved
Hide resolved
.../pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/ApplicationErrorScanRule.java
Outdated
Show resolved
Hide resolved
...pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/DirectoryBrowsingScanRule.java
Outdated
Show resolved
Hide resolved
.../pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/InfoSessionIdUrlScanRule.java
Outdated
Show resolved
Hide resolved
...rc/main/java/org/zaproxy/zap/extension/pscanrules/InformationDisclosureReferrerScanRule.java
Outdated
Show resolved
Hide resolved
4a7e682
to
d1cf763
Compare
Think I've addressed all those, |
d1cf763
to
5c9c46e
Compare
...c/test/java/org/zaproxy/zap/extension/ascanrulesAlpha/ExampleFileActiveScanRuleUnitTesr.java
Outdated
Show resolved
Hide resolved
...ulesBeta/src/main/java/org/zaproxy/zap/extension/ascanrulesBeta/ProxyDisclosureScanRule.java
Outdated
Show resolved
Hide resolved
- Add static modifier where applicable. - CHANGELOG > Add maintenance note (if there wasn't already one present). - pscanrules > Made resource message methods private again where example alerts have been implemented, or removed them where there was only a single usage (inlining the Constant resource message usage).
- CHANGELOG > Added change note. - Scan Rules > Added example alert handling, updated to conform to the common active scan rule tests. - Scan Rule Unit Tests > Added to assert the example alert and references, as well as common tests. Signed-off-by: kingthorin <[email protected]>
5c9c46e
to
141375b
Compare
Okay I think I got those three, hopefully this is done |
Thank you! |
Overview
scan rules: Clean code tweaks
ascanrulesAlpha: Add example alerts to example rules
Checklist
./gradlew spotlessApply
for code formatting