Blame - docs/dyn/websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html - platform/external/python/google-api-python-client

<h1><a href="websecurityscanner_v1.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1.projects.html">projects</a> . <a href="websecurityscanner_v1.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html">findings</a></h1>

76

<h2>Instance Methods</h2>

77

78

<code><a href="#get">get(name, x__xgafv=None)</a></code></p>

79

<p class="firstline">Gets a Finding.</p>

80

81

<code><a href="#list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</a></code></p>

82

<p class="firstline">List Findings under a given ScanRun.</p>

83

84

<code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>

85

<p class="firstline">Retrieves the next page of results.</p>

86

<h3>Method Details</h3>

87

88

<code class="details" id="get">get(name, x__xgafv=None)</code>

<pre>Gets a Finding.

Args:

name: string, Required. The resource name of the Finding to be returned. The name follows the

93

format of

94

'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required)

95

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

102

103

{ # A Finding resource represents a vulnerability instance identified during a

104

# ScanRun.

105

"violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the

106

# vulnerability such as JavaScript sources, image, audio files, etc.

107

# as JavaScript sources, image, audio files, etc.

108

"contentType": "A String", # The MIME type of this resource.

109

"resourceUrl": "A String", # URL of this violating resource.

110

},

111

"xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.

112

"errorMessage": "A String", # An error message generated by a javascript breakage.

113

"stackTraces": [ # Stack traces leading to the point where the XSS occurred.

114

"A String",

115

],

116

"attackVector": "A String", # The attack vector of the payload triggering this XSS.

117

"storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.

118

},

119

"severity": "A String", # Output only. The severity level of the reported vulnerability.

120

"finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.

121

"reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to

122

# reproduce the vulnerability.

123

"body": "A String", # Output only. The body of the request that triggered the vulnerability.

124

"form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML

125

# form, if any.

126

"actionUri": "A String", # ! The URI where to send the form when it's submitted.

127

"fields": [ # ! The names of form fields related to the vulnerability.

"A String",

],

},

"frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate

132

# parent IFrame is reported.

133

"fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that

134

# triggered the vulnerability.

135

"description": "A String", # Output only. The description of the vulnerability.

136

"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across

137

# multiple ScanRuns.

138

"httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in

139

# uppercase.

140

"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found

141

# to be vulnerable.

142

"parameterNames": [ # The vulnerable parameter names.

"A String",

],

},

"name": "A String", # Output only. The resource name of the Finding. The name follows the format of

147

# 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.

148

# The finding IDs are generated by the system.

149

"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.

150

"headers": [ # List of vulnerable headers.

151

{ # Describes a HTTP Header.

152

"value": "A String", # Header value.

153

"name": "A String", # Header name.

154

},

155

],

156

"missingHeaders": [ # List of missing headers.

157

{ # Describes a HTTP Header.

158

"value": "A String", # Header value.

159

"name": "A String", # Header name.

},

],

},

"outdatedLibrary": { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.

164

"version": "A String", # The version number.

165

"libraryName": "A String", # The name of the outdated library.

166

"learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.

"A String",

],

},

"findingType": "A String", # Output only. The type of the Finding.

171

# Detailed and up-to-date information on findings can be found here:

172

# https://cloud.google.com/security-scanner/docs/scan-result-details

}</pre>

</div>

<code class="details" id="list">list(parent, pageSize=None, filter=None, pageToken=None, x__xgafv=None)</code>

178

<pre>List Findings under a given ScanRun.

179

180

Args:

181

parent: string, Required. The parent resource name, which should be a scan run resource name in the

182

format

183

'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)

184

pageSize: integer, The maximum number of Findings to return, can be limited by server.

185

If not specified or not positive, the implementation will select a

186

reasonable value.

187

filter: string, The filter expression. The expression must be in the format: <field>

188

<operator> <value>.

189

Supported field: 'finding_type'.

190

Supported operator: '='.

191

pageToken: string, A token identifying a page of results to be returned. This should be a

192

`next_page_token` value returned from a previous List request.

193

If unspecified, the first page of results is returned.

194

x__xgafv: string, V1 error format.

Allowed values

1 - v1 error format

2 - v2 error format

Returns:

An object of the form:

201

202

{ # Response for the `ListFindings` method.

203

"nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no

204

# more results in the list.

205

"findings": [ # The list of Findings returned.

206

{ # A Finding resource represents a vulnerability instance identified during a

207

# ScanRun.

208

"violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the

209

# vulnerability such as JavaScript sources, image, audio files, etc.

210

# as JavaScript sources, image, audio files, etc.

211

"contentType": "A String", # The MIME type of this resource.

212

"resourceUrl": "A String", # URL of this violating resource.

213

},

214

"xss": { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.

215

"errorMessage": "A String", # An error message generated by a javascript breakage.

216

"stackTraces": [ # Stack traces leading to the point where the XSS occurred.

217

"A String",

218

],

219

"attackVector": "A String", # The attack vector of the payload triggering this XSS.

220

"storedXssSeedingUrl": "A String", # The reproduction url for the seeding POST request of a Stored XSS.

221

},

222

"severity": "A String", # Output only. The severity level of the reported vulnerability.

223

"finalUrl": "A String", # Output only. The URL where the browser lands when the vulnerability is detected.

224

"reproductionUrl": "A String", # Output only. The URL containing human-readable payload that user can leverage to

225

# reproduce the vulnerability.

226

"body": "A String", # Output only. The body of the request that triggered the vulnerability.

227

"form": { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML

228

# form, if any.

229

"actionUri": "A String", # ! The URI where to send the form when it's submitted.

230

"fields": [ # ! The names of form fields related to the vulnerability.

"A String",

],

},

"frameUrl": "A String", # Output only. If the vulnerability was originated from nested IFrame, the immediate

235

# parent IFrame is reported.

236

"fuzzedUrl": "A String", # Output only. The URL produced by the server-side fuzzer and used in the request that

237

# triggered the vulnerability.

238

"description": "A String", # Output only. The description of the vulnerability.

239

"trackingId": "A String", # Output only. The tracking ID uniquely identifies a vulnerability instance across

240

# multiple ScanRuns.

241

"httpMethod": "A String", # Output only. The http method of the request that triggered the vulnerability, in

242

# uppercase.

243

"vulnerableParameters": { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found

244

# to be vulnerable.

245

"parameterNames": [ # The vulnerable parameter names.

"A String",

],

},

"name": "A String", # Output only. The resource name of the Finding. The name follows the format of

250

# 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.

251

# The finding IDs are generated by the system.

252

"vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.

253

"headers": [ # List of vulnerable headers.

254

{ # Describes a HTTP Header.

255

"value": "A String", # Header value.

256

"name": "A String", # Header name.

257

},

258

],