Web Security Scanner API . projects . scanConfigs . scanRuns . findings

Instance Methods

close()

Close httplib2 connections.

get(name, x__xgafv=None)

Gets a Finding.

list(parent, pageToken=None, pageSize=None, filter=None, x__xgafv=None)

List Findings under a given ScanRun.

list_next(previous_request, previous_response)

Retrieves the next page of results.

Method Details

close()
Close httplib2 connections.
get(name, x__xgafv=None)
Gets a Finding.

Args:
  name: string, Required. The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required)
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # A Finding resource represents a vulnerability instance identified during a ScanRun.
    "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase.
    "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected.
    "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
    "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable.
      "parameterNames": [ # The vulnerable parameter names.
        "A String",
      ],
    },
    "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
      "missingHeaders": [ # List of missing headers.
        { # Describes a HTTP Header.
          "value": "A String", # Header value.
          "name": "A String", # Header name.
        },
      ],
      "headers": [ # List of vulnerable headers.
        { # Describes a HTTP Header.
          "value": "A String", # Header value.
          "name": "A String", # Header name.
        },
      ],
    },
    "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
    "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
    "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
    "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
      "resourceUrl": "A String", # URL of this violating resource.
      "contentType": "A String", # The MIME type of this resource.
    },
    "body": "A String", # The body of the request that triggered the vulnerability.
    "description": "A String", # The description of the vulnerability.
    "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
    "findingType": "A String", # The type of the Finding.
    "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries.
      "version": "A String", # The version number.
      "libraryName": "A String", # The name of the outdated library.
      "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
        "A String",
      ],
    },
    "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
      "errorMessage": "A String", # An error message generated by a javascript breakage.
      "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
        "A String",
      ],
    },
  }
list(parent, pageToken=None, pageSize=None, filter=None, x__xgafv=None)
List Findings under a given ScanRun.

Args:
  parent: string, Required. The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)
  pageToken: string, A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.
  pageSize: integer, The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.
  filter: string, Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.
  x__xgafv: string, V1 error format.
    Allowed values
      1 - v1 error format
      2 - v2 error format

Returns:
  An object of the form:

    { # Response for the `ListFindings` method.
    "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list.
    "findings": [ # The list of Findings returned.
      { # A Finding resource represents a vulnerability instance identified during a ScanRun.
        "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase.
        "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected.
        "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
        "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable.
          "parameterNames": [ # The vulnerable parameter names.
            "A String",
          ],
        },
        "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers.
          "missingHeaders": [ # List of missing headers.
            { # Describes a HTTP Header.
              "value": "A String", # Header value.
              "name": "A String", # Header name.
            },
          ],
          "headers": [ # List of vulnerable headers.
            { # Describes a HTTP Header.
              "value": "A String", # Header value.
              "name": "A String", # Header name.
            },
          ],
        },
        "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.
        "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
        "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
        "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
          "resourceUrl": "A String", # URL of this violating resource.
          "contentType": "A String", # The MIME type of this resource.
        },
        "body": "A String", # The body of the request that triggered the vulnerability.
        "description": "A String", # The description of the vulnerability.
        "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
        "findingType": "A String", # The type of the Finding.
        "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries.
          "version": "A String", # The version number.
          "libraryName": "A String", # The name of the outdated library.
          "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
            "A String",
          ],
        },
        "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any.
          "errorMessage": "A String", # An error message generated by a javascript breakage.
          "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
            "A String",
          ],
        },
      },
    ],
  }
list_next(previous_request, previous_response)
Retrieves the next page of results.

Args:
  previous_request: The request for the previous page. (required)
  previous_response: The response from the request for the previous page. (required)

Returns:
  A request object that you can call 'execute()' on to request the next
  page. Returns None if there are no more items in the collection.