blob: 8938768e5e595b5fd81c64ce3c8964a0b2955848 [file] [log] [blame]
Bu Sun Kim715bd7f2019-06-14 16:50:42 -07001<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5 margin: 0;
6 padding: 0;
7 border: 0;
8 font-weight: inherit;
9 font-style: inherit;
10 font-size: 100%;
11 font-family: inherit;
12 vertical-align: baseline;
13}
14
15body {
16 font-size: 13px;
17 padding: 1em;
18}
19
20h1 {
21 font-size: 26px;
22 margin-bottom: 1em;
23}
24
25h2 {
26 font-size: 24px;
27 margin-bottom: 1em;
28}
29
30h3 {
31 font-size: 20px;
32 margin-bottom: 1em;
33 margin-top: 1em;
34}
35
36pre, code {
37 line-height: 1.5;
38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42 margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46 font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50 border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54 margin-top: 0.5em;
55}
56
57.firstline {
58 margin-left: 2 em;
59}
60
61.method {
62 margin-top: 1em;
63 border: solid 1px #CCC;
64 padding: 1em;
65 background: #EEE;
66}
67
68.details {
69 font-weight: bold;
70 font-size: 14px;
71}
72
73</style>
74
75<h1><a href="websecurityscanner_v1beta.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1beta.projects.html">projects</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.findings.html">findings</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78 <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
79<p class="firstline">Gets a Finding.</p>
80<p class="toc_element">
81 <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</a></code></p>
82<p class="firstline">List Findings under a given ScanRun.</p>
83<p class="toc_element">
84 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
85<p class="firstline">Retrieves the next page of results.</p>
86<h3>Method Details</h3>
87<div class="method">
88 <code class="details" id="get">get(name, x__xgafv=None)</code>
89 <pre>Gets a Finding.
90
91Args:
Dan O'Mearadd494642020-05-01 07:42:23 -070092 name: string, Required. The resource name of the Finding to be returned. The name follows the
Bu Sun Kim715bd7f2019-06-14 16:50:42 -070093format of
94'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required)
95 x__xgafv: string, V1 error format.
96 Allowed values
97 1 - v1 error format
98 2 - v2 error format
99
100Returns:
101 An object of the form:
102
103 { # A Finding resource represents a vulnerability instance identified during a
104 # ScanRun.
Dan O'Mearadd494642020-05-01 07:42:23 -0700105 "body": "A String", # The body of the request that triggered the vulnerability.
106 "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700107 "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
108 "A String",
109 ],
110 "errorMessage": "A String", # An error message generated by a javascript breakage.
111 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700112 "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700113 "libraryName": "A String", # The name of the outdated library.
114 "version": "A String", # The version number.
115 "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
116 "A String",
117 ],
118 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700119 "severity": "A String", # The severity level of the reported vulnerability.
120 "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700121 # form, if any.
122 "fields": [ # ! The names of form fields related to the vulnerability.
123 "A String",
124 ],
125 "actionUri": "A String", # ! The URI where to send the form when it's submitted.
126 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700127 "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to
128 # reproduce the vulnerability.
129 "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected.
130 "findingType": "A String", # The type of the Finding.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700131 # Detailed and up-to-date information on findings can be found here:
132 # https://cloud.google.com/security-scanner/docs/scan-result-details
Dan O'Mearadd494642020-05-01 07:42:23 -0700133 "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700134 # triggered the vulnerability.
Dan O'Mearadd494642020-05-01 07:42:23 -0700135 "name": "A String", # The resource name of the Finding. The name follows the format of
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700136 # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
137 # The finding IDs are generated by the system.
Dan O'Mearadd494642020-05-01 07:42:23 -0700138 "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700139 # uppercase.
Dan O'Mearadd494642020-05-01 07:42:23 -0700140 "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700141 # to be vulnerable.
142 "parameterNames": [ # The vulnerable parameter names.
143 "A String",
144 ],
145 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700146 "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700147 # multiple ScanRuns.
Dan O'Mearadd494642020-05-01 07:42:23 -0700148 "violatingResource": { # Information regarding any resource causing the vulnerability such # An addon containing detailed information regarding any resource causing the
149 # vulnerability such as JavaScript sources, image, audio files, etc.
150 # as JavaScript sources, image, audio files, etc.
151 "contentType": "A String", # The MIME type of this resource.
152 "resourceUrl": "A String", # URL of this violating resource.
153 },
154 "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700155 "missingHeaders": [ # List of missing headers.
156 { # Describes a HTTP Header.
157 "name": "A String", # Header name.
158 "value": "A String", # Header value.
159 },
160 ],
161 "headers": [ # List of vulnerable headers.
162 { # Describes a HTTP Header.
163 "name": "A String", # Header name.
164 "value": "A String", # Header value.
165 },
166 ],
167 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700168 "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate
169 # parent IFrame is reported.
170 "description": "A String", # The description of the vulnerability.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700171 }</pre>
172</div>
173
174<div class="method">
175 <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</code>
176 <pre>List Findings under a given ScanRun.
177
178Args:
Dan O'Mearadd494642020-05-01 07:42:23 -0700179 parent: string, Required. The parent resource name, which should be a scan run resource name in the
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700180format
181'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)
182 pageToken: string, A token identifying a page of results to be returned. This should be a
183`next_page_token` value returned from a previous List request.
184If unspecified, the first page of results is returned.
185 x__xgafv: string, V1 error format.
186 Allowed values
187 1 - v1 error format
188 2 - v2 error format
189 pageSize: integer, The maximum number of Findings to return, can be limited by server.
190If not specified or not positive, the implementation will select a
191reasonable value.
Dan O'Mearadd494642020-05-01 07:42:23 -0700192 filter: string, Required. The filter expression. The expression must be in the format: &lt;field&gt;
193&lt;operator&gt; &lt;value&gt;.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700194Supported field: 'finding_type'.
195Supported operator: '='.
196
197Returns:
198 An object of the form:
199
200 { # Response for the `ListFindings` method.
201 "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no
202 # more results in the list.
203 "findings": [ # The list of Findings returned.
204 { # A Finding resource represents a vulnerability instance identified during a
205 # ScanRun.
Dan O'Mearadd494642020-05-01 07:42:23 -0700206 "body": "A String", # The body of the request that triggered the vulnerability.
207 "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700208 "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
209 "A String",
210 ],
211 "errorMessage": "A String", # An error message generated by a javascript breakage.
212 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700213 "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700214 "libraryName": "A String", # The name of the outdated library.
215 "version": "A String", # The version number.
216 "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
217 "A String",
218 ],
219 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700220 "severity": "A String", # The severity level of the reported vulnerability.
221 "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700222 # form, if any.
223 "fields": [ # ! The names of form fields related to the vulnerability.
224 "A String",
225 ],
226 "actionUri": "A String", # ! The URI where to send the form when it's submitted.
227 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700228 "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to
229 # reproduce the vulnerability.
230 "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected.
231 "findingType": "A String", # The type of the Finding.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700232 # Detailed and up-to-date information on findings can be found here:
233 # https://cloud.google.com/security-scanner/docs/scan-result-details
Dan O'Mearadd494642020-05-01 07:42:23 -0700234 "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700235 # triggered the vulnerability.
Dan O'Mearadd494642020-05-01 07:42:23 -0700236 "name": "A String", # The resource name of the Finding. The name follows the format of
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700237 # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
238 # The finding IDs are generated by the system.
Dan O'Mearadd494642020-05-01 07:42:23 -0700239 "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700240 # uppercase.
Dan O'Mearadd494642020-05-01 07:42:23 -0700241 "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700242 # to be vulnerable.
243 "parameterNames": [ # The vulnerable parameter names.
244 "A String",
245 ],
246 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700247 "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700248 # multiple ScanRuns.
Dan O'Mearadd494642020-05-01 07:42:23 -0700249 "violatingResource": { # Information regarding any resource causing the vulnerability such # An addon containing detailed information regarding any resource causing the
250 # vulnerability such as JavaScript sources, image, audio files, etc.
251 # as JavaScript sources, image, audio files, etc.
252 "contentType": "A String", # The MIME type of this resource.
253 "resourceUrl": "A String", # URL of this violating resource.
254 },
255 "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700256 "missingHeaders": [ # List of missing headers.
257 { # Describes a HTTP Header.
258 "name": "A String", # Header name.
259 "value": "A String", # Header value.
260 },
261 ],
262 "headers": [ # List of vulnerable headers.
263 { # Describes a HTTP Header.
264 "name": "A String", # Header name.
265 "value": "A String", # Header value.
266 },
267 ],
268 },
Dan O'Mearadd494642020-05-01 07:42:23 -0700269 "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate
270 # parent IFrame is reported.
271 "description": "A String", # The description of the vulnerability.
Bu Sun Kim715bd7f2019-06-14 16:50:42 -0700272 },
273 ],
274 }</pre>
275</div>
276
277<div class="method">
278 <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
279 <pre>Retrieves the next page of results.
280
281Args:
282 previous_request: The request for the previous page. (required)
283 previous_response: The response from the request for the previous page. (required)
284
285Returns:
286 A request object that you can call 'execute()' on to request the next
287 page. Returns None if there are no more items in the collection.
288 </pre>
289</div>
290
291</body></html>