docs/dyn/websecurityscanner_v1beta.projects.scanConfigs.scanRuns.findings.html

<html><body>
<style>

body, h1, h2, h3, div, span, p, pre, a {
  margin: 0;
  padding: 0;
  border: 0;
  font-weight: inherit;
  font-style: inherit;
  font-size: 100%;
  font-family: inherit;
  vertical-align: baseline;
}

body {
  font-size: 13px;
  padding: 1em;
}

h1 {
  font-size: 26px;
  margin-bottom: 1em;
}

h2 {
  font-size: 24px;
  margin-bottom: 1em;
}

h3 {
  font-size: 20px;
  margin-bottom: 1em;
  margin-top: 1em;
}

pre, code {
  line-height: 1.5;
  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
}

pre {
  margin-top: 0.5em;
}

h1, h2, h3, p {
  font-family: Arial, sans serif;
}

h1, h2, h3 {
  border-bottom: solid #CCC 1px;
}

.toc_element {
  margin-top: 0.5em;
}

.firstline {
  margin-left: 2 em;
}

.method  {
  margin-top: 1em;
  border: solid 1px #CCC;
  padding: 1em;
  background: #EEE;
}

.details {
  font-weight: bold;
  font-size: 14px;
}

</style>

<h1><a href="websecurityscanner_v1beta.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1beta.projects.html">projects</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.findings.html">findings</a></h1>
<h2>Instance Methods</h2>
<p class="toc_element">
  <code><a href="#close">close()</a></code></p>
<p class="firstline">Close httplib2 connections.</p>
<p class="toc_element">
  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
<p class="firstline">Gets a Finding.</p>
<p class="toc_element">
  <code><a href="#list">list(parent, pageToken=None, filter=None, pageSize=None, x__xgafv=None)</a></code></p>
<p class="firstline">List Findings under a given ScanRun.</p>
<p class="toc_element">
  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
<p class="firstline">Retrieves the next page of results.</p>
<h3>Method Details</h3>
<div class="method">
    <code class="details" id="close">close()</code>
  <pre>Close httplib2 connections.</pre>
</div>

<div class="method">
    <code class="details" id="get">get(name, x__xgafv=None)</code>
  <pre>Gets a Finding.

Args:
  name: string, Required. The resource name of the Finding to be returned. The name follows the format of &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}&#x27;. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # A Finding resource represents a vulnerability instance identified during a ScanRun.
    &quot;severity&quot;: &quot;A String&quot;, # The severity level of the reported vulnerability.
    &quot;outdatedLibrary&quot;: { # Information reported for an outdated library. # An addon containing information about outdated libraries.
      &quot;learnMoreUrls&quot;: [ # URLs to learn more information about the vulnerabilities in the library.
        &quot;A String&quot;,
      ],
      &quot;libraryName&quot;: &quot;A String&quot;, # The name of the outdated library.
      &quot;version&quot;: &quot;A String&quot;, # The version number.
    },
    &quot;xss&quot;: { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
      &quot;errorMessage&quot;: &quot;A String&quot;, # An error message generated by a javascript breakage.
      &quot;stackTraces&quot;: [ # Stack traces leading to the point where the XSS occurred.
        &quot;A String&quot;,
      ],
    },
    &quot;description&quot;: &quot;A String&quot;, # The description of the vulnerability.
    &quot;violatingResource&quot;: { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
      &quot;contentType&quot;: &quot;A String&quot;, # The MIME type of this resource.
      &quot;resourceUrl&quot;: &quot;A String&quot;, # URL of this violating resource.
    },
    &quot;findingType&quot;: &quot;A String&quot;, # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner
    &quot;name&quot;: &quot;A String&quot;, # The resource name of the Finding. The name follows the format of &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}&#x27;. The finding IDs are generated by the system.
    &quot;form&quot;: { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any.
      &quot;actionUri&quot;: &quot;A String&quot;, # ! The URI where to send the form when it&#x27;s submitted.
      &quot;fields&quot;: [ # ! The names of form fields related to the vulnerability.
        &quot;A String&quot;,
      ],
    },
    &quot;vulnerableHeaders&quot;: { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
      &quot;missingHeaders&quot;: [ # List of missing headers.
        { # Describes a HTTP Header.
          &quot;name&quot;: &quot;A String&quot;, # Header name.
          &quot;value&quot;: &quot;A String&quot;, # Header value.
        },
      ],
      &quot;headers&quot;: [ # List of vulnerable headers.
        { # Describes a HTTP Header.
          &quot;name&quot;: &quot;A String&quot;, # Header name.
          &quot;value&quot;: &quot;A String&quot;, # Header value.
        },
      ],
    },
    &quot;frameUrl&quot;: &quot;A String&quot;, # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
    &quot;body&quot;: &quot;A String&quot;, # The body of the request that triggered the vulnerability.
    &quot;vulnerableParameters&quot;: { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable.
      &quot;parameterNames&quot;: [ # The vulnerable parameter names.
        &quot;A String&quot;,
      ],
    },
    &quot;trackingId&quot;: &quot;A String&quot;, # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
    &quot;httpMethod&quot;: &quot;A String&quot;, # The http method of the request that triggered the vulnerability, in uppercase.
    &quot;fuzzedUrl&quot;: &quot;A String&quot;, # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
    &quot;finalUrl&quot;: &quot;A String&quot;, # The URL where the browser lands when the vulnerability is detected.
    &quot;reproductionUrl&quot;: &quot;A String&quot;, # The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
  }</pre>
</div>

<div class="method">
    <code class="details" id="list">list(parent, pageToken=None, filter=None, pageSize=None, x__xgafv=None)</code>
  <pre>List Findings under a given ScanRun.

Args:
  parent: string, Required. The parent resource name, which should be a scan run resource name in the format &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}&#x27;. (required)
  pageToken: string, A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.
  filter: string, Required. The filter expression. The expression must be in the format: . Supported field: &#x27;finding_type&#x27;. Supported operator: &#x27;=&#x27;.
  pageSize: integer, The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response for the `ListFindings` method.
    &quot;nextPageToken&quot;: &quot;A String&quot;, # Token to retrieve the next page of results, or empty if there are no more results in the list.
    &quot;findings&quot;: [ # The list of Findings returned.
      { # A Finding resource represents a vulnerability instance identified during a ScanRun.
        &quot;severity&quot;: &quot;A String&quot;, # The severity level of the reported vulnerability.
        &quot;outdatedLibrary&quot;: { # Information reported for an outdated library. # An addon containing information about outdated libraries.
          &quot;learnMoreUrls&quot;: [ # URLs to learn more information about the vulnerabilities in the library.
            &quot;A String&quot;,
          ],
          &quot;libraryName&quot;: &quot;A String&quot;, # The name of the outdated library.
          &quot;version&quot;: &quot;A String&quot;, # The version number.
        },
        &quot;xss&quot;: { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
          &quot;errorMessage&quot;: &quot;A String&quot;, # An error message generated by a javascript breakage.
          &quot;stackTraces&quot;: [ # Stack traces leading to the point where the XSS occurred.
            &quot;A String&quot;,
          ],
        },
        &quot;description&quot;: &quot;A String&quot;, # The description of the vulnerability.
        &quot;violatingResource&quot;: { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
          &quot;contentType&quot;: &quot;A String&quot;, # The MIME type of this resource.
          &quot;resourceUrl&quot;: &quot;A String&quot;, # URL of this violating resource.
        },
        &quot;findingType&quot;: &quot;A String&quot;, # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner
        &quot;name&quot;: &quot;A String&quot;, # The resource name of the Finding. The name follows the format of &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}&#x27;. The finding IDs are generated by the system.
        &quot;form&quot;: { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any.
          &quot;actionUri&quot;: &quot;A String&quot;, # ! The URI where to send the form when it&#x27;s submitted.
          &quot;fields&quot;: [ # ! The names of form fields related to the vulnerability.
            &quot;A String&quot;,
          ],
        },
        &quot;vulnerableHeaders&quot;: { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
          &quot;missingHeaders&quot;: [ # List of missing headers.
            { # Describes a HTTP Header.
              &quot;name&quot;: &quot;A String&quot;, # Header name.
              &quot;value&quot;: &quot;A String&quot;, # Header value.
            },
          ],
          &quot;headers&quot;: [ # List of vulnerable headers.
            { # Describes a HTTP Header.
              &quot;name&quot;: &quot;A String&quot;, # Header name.
              &quot;value&quot;: &quot;A String&quot;, # Header value.
            },
          ],
        },
        &quot;frameUrl&quot;: &quot;A String&quot;, # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
        &quot;body&quot;: &quot;A String&quot;, # The body of the request that triggered the vulnerability.
        &quot;vulnerableParameters&quot;: { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable.
          &quot;parameterNames&quot;: [ # The vulnerable parameter names.
            &quot;A String&quot;,
          ],
        },
        &quot;trackingId&quot;: &quot;A String&quot;, # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
        &quot;httpMethod&quot;: &quot;A String&quot;, # The http method of the request that triggered the vulnerability, in uppercase.
        &quot;fuzzedUrl&quot;: &quot;A String&quot;, # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
        &quot;finalUrl&quot;: &quot;A String&quot;, # The URL where the browser lands when the vulnerability is detected.
        &quot;reproductionUrl&quot;: &quot;A String&quot;, # The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
      },
    ],
  }</pre>
</div>

<div class="method">
    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
  <pre>Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call &#x27;execute()&#x27; on to request the next
  page. Returns None if there are no more items in the collection.
    </pre>
</div>

</body></html>