blob: 2cc233890f019ef564e2fd30afe93ecfae2cdfb8 [file] [log] [blame]
Bu Sun Kim65020912020-05-20 12:08:20 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="websecurityscanner_v1.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1.projects.html">projects</a> . <a href="websecurityscanner_v1.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1.projects.scanConfigs.scanRuns.findings.html">findings</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
79<p class="firstline">Gets a Finding.</p>
80<p class="toc_element">
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -070081 <code><a href="#list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</a></code></p>
Bu Sun Kim65020912020-05-20 12:08:20 -070082<p class="firstline">List Findings under a given ScanRun.</p>
83<p class="toc_element">
84 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
85<p class="firstline">Retrieves the next page of results.</p>
86<h3>Method Details</h3>
87<div class="method">
88 <code class="details" id="get">get(name, x__xgafv=None)</code>
89 <pre>Gets a Finding.
90
91Args:
92 name: string, Required. The resource name of the Finding to be returned. The name follows the
93format of
94&#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}&#x27;. (required)
95 x__xgafv: string, V1 error format.
96 Allowed values
97 1 - v1 error format
98 2 - v2 error format
99
100Returns:
101 An object of the form:
102
103 { # A Finding resource represents a vulnerability instance identified during a
104 # ScanRun.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700105 &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the Finding. The name follows the format of
106 # &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}&#x27;.
107 # The finding IDs are generated by the system.
Bu Sun Kim65020912020-05-20 12:08:20 -0700108 &quot;description&quot;: &quot;A String&quot;, # Output only. The description of the vulnerability.
109 &quot;trackingId&quot;: &quot;A String&quot;, # Output only. The tracking ID uniquely identifies a vulnerability instance across
110 # multiple ScanRuns.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700111 &quot;form&quot;: { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
112 # form, if any.
113 &quot;fields&quot;: [ # ! The names of form fields related to the vulnerability.
114 &quot;A String&quot;,
115 ],
116 &quot;actionUri&quot;: &quot;A String&quot;, # ! The URI where to send the form when it&#x27;s submitted.
117 },
118 &quot;finalUrl&quot;: &quot;A String&quot;, # Output only. The URL where the browser lands when the vulnerability is detected.
119 &quot;xss&quot;: { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
120 &quot;attackVector&quot;: &quot;A String&quot;, # The attack vector of the payload triggering this XSS.
121 &quot;stackTraces&quot;: [ # Stack traces leading to the point where the XSS occurred.
122 &quot;A String&quot;,
123 ],
124 &quot;errorMessage&quot;: &quot;A String&quot;, # An error message generated by a javascript breakage.
125 &quot;storedXssSeedingUrl&quot;: &quot;A String&quot;, # The reproduction url for the seeding POST request of a Stored XSS.
126 },
127 &quot;findingType&quot;: &quot;A String&quot;, # Output only. The type of the Finding.
128 # Detailed and up-to-date information on findings can be found here:
129 # https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
130 &quot;severity&quot;: &quot;A String&quot;, # Output only. The severity level of the reported vulnerability.
131 &quot;frameUrl&quot;: &quot;A String&quot;, # Output only. If the vulnerability was originated from nested IFrame, the immediate
132 # parent IFrame is reported.
Bu Sun Kim65020912020-05-20 12:08:20 -0700133 &quot;vulnerableParameters&quot;: { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found
134 # to be vulnerable.
135 &quot;parameterNames&quot;: [ # The vulnerable parameter names.
136 &quot;A String&quot;,
137 ],
138 },
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700139 &quot;violatingResource&quot;: { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
140 # vulnerability such as JavaScript sources, image, audio files, etc.
141 # as JavaScript sources, image, audio files, etc.
142 &quot;resourceUrl&quot;: &quot;A String&quot;, # URL of this violating resource.
143 &quot;contentType&quot;: &quot;A String&quot;, # The MIME type of this resource.
144 },
145 &quot;fuzzedUrl&quot;: &quot;A String&quot;, # Output only. The URL produced by the server-side fuzzer and used in the request that
146 # triggered the vulnerability.
147 &quot;httpMethod&quot;: &quot;A String&quot;, # Output only. The http method of the request that triggered the vulnerability, in
148 # uppercase.
149 &quot;body&quot;: &quot;A String&quot;, # Output only. The body of the request that triggered the vulnerability.
Bu Sun Kim65020912020-05-20 12:08:20 -0700150 &quot;vulnerableHeaders&quot;: { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.
151 &quot;headers&quot;: [ # List of vulnerable headers.
152 { # Describes a HTTP Header.
153 &quot;value&quot;: &quot;A String&quot;, # Header value.
154 &quot;name&quot;: &quot;A String&quot;, # Header name.
155 },
156 ],
157 &quot;missingHeaders&quot;: [ # List of missing headers.
158 { # Describes a HTTP Header.
159 &quot;value&quot;: &quot;A String&quot;, # Header value.
160 &quot;name&quot;: &quot;A String&quot;, # Header name.
161 },
162 ],
163 },
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700164 &quot;reproductionUrl&quot;: &quot;A String&quot;, # Output only. The URL containing human-readable payload that user can leverage to
165 # reproduce the vulnerability.
Bu Sun Kim65020912020-05-20 12:08:20 -0700166 &quot;outdatedLibrary&quot;: { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.
Bu Sun Kim65020912020-05-20 12:08:20 -0700167 &quot;learnMoreUrls&quot;: [ # URLs to learn more information about the vulnerabilities in the library.
168 &quot;A String&quot;,
169 ],
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700170 &quot;version&quot;: &quot;A String&quot;, # The version number.
171 &quot;libraryName&quot;: &quot;A String&quot;, # The name of the outdated library.
Bu Sun Kim65020912020-05-20 12:08:20 -0700172 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700173 }</pre>
174</div>
175
176<div class="method">
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700177 <code class="details" id="list">list(parent, filter=None, pageToken=None, pageSize=None, x__xgafv=None)</code>
Bu Sun Kim65020912020-05-20 12:08:20 -0700178 <pre>List Findings under a given ScanRun.
179
180Args:
181 parent: string, Required. The parent resource name, which should be a scan run resource name in the
182format
183&#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}&#x27;. (required)
Bu Sun Kim65020912020-05-20 12:08:20 -0700184 filter: string, The filter expression. The expression must be in the format: &lt;field&gt;
185&lt;operator&gt; &lt;value&gt;.
186Supported field: &#x27;finding_type&#x27;.
187Supported operator: &#x27;=&#x27;.
188 pageToken: string, A token identifying a page of results to be returned. This should be a
189`next_page_token` value returned from a previous List request.
190If unspecified, the first page of results is returned.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700191 pageSize: integer, The maximum number of Findings to return, can be limited by server.
192If not specified or not positive, the implementation will select a
193reasonable value.
Bu Sun Kim65020912020-05-20 12:08:20 -0700194 x__xgafv: string, V1 error format.
195 Allowed values
196 1 - v1 error format
197 2 - v2 error format
198
199Returns:
200 An object of the form:
201
202 { # Response for the `ListFindings` method.
Bu Sun Kim65020912020-05-20 12:08:20 -0700203 &quot;findings&quot;: [ # The list of Findings returned.
204 { # A Finding resource represents a vulnerability instance identified during a
205 # ScanRun.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700206 &quot;name&quot;: &quot;A String&quot;, # Output only. The resource name of the Finding. The name follows the format of
207 # &#x27;projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}&#x27;.
208 # The finding IDs are generated by the system.
Bu Sun Kim65020912020-05-20 12:08:20 -0700209 &quot;description&quot;: &quot;A String&quot;, # Output only. The description of the vulnerability.
210 &quot;trackingId&quot;: &quot;A String&quot;, # Output only. The tracking ID uniquely identifies a vulnerability instance across
211 # multiple ScanRuns.
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700212 &quot;form&quot;: { # ! Information about a vulnerability with an HTML. # Output only. An addon containing information reported for a vulnerability with an HTML
213 # form, if any.
214 &quot;fields&quot;: [ # ! The names of form fields related to the vulnerability.
215 &quot;A String&quot;,
216 ],
217 &quot;actionUri&quot;: &quot;A String&quot;, # ! The URI where to send the form when it&#x27;s submitted.
218 },
219 &quot;finalUrl&quot;: &quot;A String&quot;, # Output only. The URL where the browser lands when the vulnerability is detected.
220 &quot;xss&quot;: { # Information reported for an XSS. # Output only. An addon containing information reported for an XSS, if any.
221 &quot;attackVector&quot;: &quot;A String&quot;, # The attack vector of the payload triggering this XSS.
222 &quot;stackTraces&quot;: [ # Stack traces leading to the point where the XSS occurred.
223 &quot;A String&quot;,
224 ],
225 &quot;errorMessage&quot;: &quot;A String&quot;, # An error message generated by a javascript breakage.
226 &quot;storedXssSeedingUrl&quot;: &quot;A String&quot;, # The reproduction url for the seeding POST request of a Stored XSS.
227 },
228 &quot;findingType&quot;: &quot;A String&quot;, # Output only. The type of the Finding.
229 # Detailed and up-to-date information on findings can be found here:
230 # https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
231 &quot;severity&quot;: &quot;A String&quot;, # Output only. The severity level of the reported vulnerability.
232 &quot;frameUrl&quot;: &quot;A String&quot;, # Output only. If the vulnerability was originated from nested IFrame, the immediate
233 # parent IFrame is reported.
Bu Sun Kim65020912020-05-20 12:08:20 -0700234 &quot;vulnerableParameters&quot;: { # Information about vulnerable request parameters. # Output only. An addon containing information about request parameters which were found
235 # to be vulnerable.
236 &quot;parameterNames&quot;: [ # The vulnerable parameter names.
237 &quot;A String&quot;,
238 ],
239 },
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700240 &quot;violatingResource&quot;: { # Information regarding any resource causing the vulnerability such # Output only. An addon containing detailed information regarding any resource causing the
241 # vulnerability such as JavaScript sources, image, audio files, etc.
242 # as JavaScript sources, image, audio files, etc.
243 &quot;resourceUrl&quot;: &quot;A String&quot;, # URL of this violating resource.
244 &quot;contentType&quot;: &quot;A String&quot;, # The MIME type of this resource.
245 },
246 &quot;fuzzedUrl&quot;: &quot;A String&quot;, # Output only. The URL produced by the server-side fuzzer and used in the request that
247 # triggered the vulnerability.
248 &quot;httpMethod&quot;: &quot;A String&quot;, # Output only. The http method of the request that triggered the vulnerability, in
249 # uppercase.
250 &quot;body&quot;: &quot;A String&quot;, # Output only. The body of the request that triggered the vulnerability.
Bu Sun Kim65020912020-05-20 12:08:20 -0700251 &quot;vulnerableHeaders&quot;: { # Information about vulnerable or missing HTTP Headers. # Output only. An addon containing information about vulnerable or missing HTTP headers.
252 &quot;headers&quot;: [ # List of vulnerable headers.
253 { # Describes a HTTP Header.
254 &quot;value&quot;: &quot;A String&quot;, # Header value.
255 &quot;name&quot;: &quot;A String&quot;, # Header name.
256 },
257 ],
258 &quot;missingHeaders&quot;: [ # List of missing headers.
259 { # Describes a HTTP Header.
260 &quot;value&quot;: &quot;A String&quot;, # Header value.
261 &quot;name&quot;: &quot;A String&quot;, # Header name.
262 },
263 ],
264 },
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700265 &quot;reproductionUrl&quot;: &quot;A String&quot;, # Output only. The URL containing human-readable payload that user can leverage to
266 # reproduce the vulnerability.
Bu Sun Kim65020912020-05-20 12:08:20 -0700267 &quot;outdatedLibrary&quot;: { # Information reported for an outdated library. # Output only. An addon containing information about outdated libraries.
Bu Sun Kim65020912020-05-20 12:08:20 -0700268 &quot;learnMoreUrls&quot;: [ # URLs to learn more information about the vulnerabilities in the library.
269 &quot;A String&quot;,
270 ],
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700271 &quot;version&quot;: &quot;A String&quot;, # The version number.
272 &quot;libraryName&quot;: &quot;A String&quot;, # The name of the outdated library.
Bu Sun Kim65020912020-05-20 12:08:20 -0700273 },
Bu Sun Kim65020912020-05-20 12:08:20 -0700274 },
275 ],
Bu Sun Kim4ed7d3f2020-05-27 12:20:54 -0700276 &quot;nextPageToken&quot;: &quot;A String&quot;, # Token to retrieve the next page of results, or empty if there are no
277 # more results in the list.
Bu Sun Kim65020912020-05-20 12:08:20 -0700278 }</pre>
279</div>
280
281<div class="method">
282 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
283 <pre>Retrieves the next page of results.
284
285Args:
286 previous_request: The request for the previous page. (required)
287 previous_response: The response from the request for the previous page. (required)
288
289Returns:
290 A request object that you can call &#x27;execute()&#x27; on to request the next
291 page. Returns None if there are no more items in the collection.
292 </pre>
293</div>
294
295</body></html>