Blame - docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html - platform/external/python/google-api-python-client

2020-10-06 16:46:05 -0700

[diff] [blame]

78

<code><a href="#close">close()</a></code></p>

79

<p class="firstline">Close httplib2 connections.</p>

80

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

81

<code><a href="#get">get(name, x__xgafv=None)</a></code></p>

82

<p class="firstline">Gets a Finding.</p>

83

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

84

<code><a href="#list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

85

<p class="firstline">List Findings under a given ScanRun.</p>

86

87

<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>

88

<p class="firstline">Retrieves the next page of results.</p>

89

<h3>Method Details</h3>

90

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

91

<code class="details" id="close">close()</code>

92

<pre>Close httplib2 connections.</pre>

</div>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

96

<code class="details" id="get">get(name, x__xgafv=None)</code>

97

<pre>Gets a Finding.

98

99

Args:

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

100

name: string, Required. The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required)

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

101

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

108

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

109

{ # A Finding resource represents a vulnerability instance identified during a ScanRun.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

110

"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.

111

"missingHeaders": [ # List of missing headers.

112

{ # Describes a HTTP Header.

113

"value": "A String", # Header value.

114

"name": "A String", # Header name.

115

},

116

],

117

"headers": [ # List of vulnerable headers.

118

{ # Describes a HTTP Header.

119

"value": "A String", # Header value.

120

"name": "A String", # Header name.

},

],

},

"form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

125

"fields": [ # ! The names of form fields related to the vulnerability.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

126

"A String",

127

],

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

128

"actionUri": "A String", # ! The URI where to send the form when it's submitted.

129

},

130

"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

131

"findingType": "A String", # Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

132

"finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.

133

"reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

134

"violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

135

"resourceUrl": "A String", # URL of this violating resource.

136

"contentType": "A String", # The MIME type of this resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

137

},

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

138

"outdatedLibrary": { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.

139

"version": "A String", # The version number.

140

"learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.

141

"A String",

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

142

],

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

143

"libraryName": "A String", # The name of the outdated library.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

144

},

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

145

"body": "A String", # Output only. The body of the request that triggered the vulnerability.

146

"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found to be vulnerable.

147

"parameterNames": [ # The vulnerable parameter names.

148

"A String",

149

],

Bu Sun Kim

4ed7d3f

2020-05-27 12:20:54 -0700

[diff] [blame]

150

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

151

"xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.

152

"stackTraces": [ # Stack traces leading to the point where the XSS occurred.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

153

"A String",

154

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

155

"storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

156

"errorMessage": "A String", # An error message generated by a javascript breakage.

157

"attackVector": "A String", # The attack vector of the payload triggering this XSS.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

158

},

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

159

"frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

160

"httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in uppercase.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

161

"name": "A String", # Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

162

"fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

163

"description": "A String", # Output only. The description of the vulnerability.

164

"severity": "A String", # Output only. The severity level of the reported vulnerability.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

}</pre>

</div>

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

169

<code class="details" id="list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</code>

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

170

<pre>List Findings under a given ScanRun.

171

172

Args:

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

173

parent: string, Required. The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)

174

filter: string, The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

175

pageToken: string, A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

176

pageSize: integer, The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

177

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

184

185

{ # Response for the `ListFindings` method.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

186

"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

187

"findings": [ # The list of Findings returned.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

188

{ # A Finding resource represents a vulnerability instance identified during a ScanRun.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

189

"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.

190

"missingHeaders": [ # List of missing headers.

191

{ # Describes a HTTP Header.

192

"value": "A String", # Header value.

193

"name": "A String", # Header name.

194

},

195

],

196

"headers": [ # List of vulnerable headers.

197

{ # Describes a HTTP Header.

198

"value": "A String", # Header value.

199

"name": "A String", # Header name.

},

],

},

"form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

204

"fields": [ # ! The names of form fields related to the vulnerability.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

205

"A String",

206

],

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

207

"actionUri": "A String", # ! The URI where to send the form when it's submitted.

208

},

209

"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

210

"findingType": "A String", # Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

211

"finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.

212

"reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

213

"violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

214

"resourceUrl": "A String", # URL of this violating resource.

215

"contentType": "A String", # The MIME type of this resource.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

216

},

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

217

"outdatedLibrary": { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.

218

"version": "A String", # The version number.

219

"learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.

220

"A String",

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

221

],

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

222

"libraryName": "A String", # The name of the outdated library.

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

223

},

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

224

"body": "A String", # Output only. The body of the request that triggered the vulnerability.

225

"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found to be vulnerable.

226

"parameterNames": [ # The vulnerable parameter names.

227

"A String",

228

],

Bu Sun Kim

4ed7d3f

2020-05-27 12:20:54 -0700

[diff] [blame]

229

},

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

230

"xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.

231

"stackTraces": [ # Stack traces leading to the point where the XSS occurred.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

232

"A String",

233

],

Bu Sun Kim

2020-07-22 17:02:09 -0700

[diff] [blame]

234

"storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

235

"errorMessage": "A String", # An error message generated by a javascript breakage.

236

"attackVector": "A String", # The attack vector of the payload triggering this XSS.

Bu Sun Kim

2020-05-20 12:08:20 -0700

[diff] [blame]

237

},

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

238

"frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

239

"httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in uppercase.

Bu Sun Kim

2020-11-16 11:05:03 -0700

[diff] [blame^]

240

"name": "A String", # Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.

Dmitry Frenkel

2020-10-06 16:46:05 -0700

[diff] [blame]

241

"fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

Bu Sun Kim