| <html><body> |
| <style> |
| |
| body, h1, h2, h3, div, span, p, pre, a { |
| margin: 0; |
| padding: 0; |
| border: 0; |
| font-weight: inherit; |
| font-style: inherit; |
| font-size: 100%; |
| font-family: inherit; |
| vertical-align: baseline; |
| } |
| |
| body { |
| font-size: 13px; |
| padding: 1em; |
| } |
| |
| h1 { |
| font-size: 26px; |
| margin-bottom: 1em; |
| } |
| |
| h2 { |
| font-size: 24px; |
| margin-bottom: 1em; |
| } |
| |
| h3 { |
| font-size: 20px; |
| margin-bottom: 1em; |
| margin-top: 1em; |
| } |
| |
| pre, code { |
| line-height: 1.5; |
| font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; |
| } |
| |
| pre { |
| margin-top: 0.5em; |
| } |
| |
| h1, h2, h3, p { |
| font-family: Arial, sans serif; |
| } |
| |
| h1, h2, h3 { |
| border-bottom: solid #CCC 1px; |
| } |
| |
| .toc_element { |
| margin-top: 0.5em; |
| } |
| |
| .firstline { |
| margin-left: 2 em; |
| } |
| |
| .method { |
| margin-top: 1em; |
| border: solid 1px #CCC; |
| padding: 1em; |
| background: #EEE; |
| } |
| |
| .details { |
| font-weight: bold; |
| font-size: 14px; |
| } |
| |
| </style> |
| |
| <h1><a href="websecurityscanner_v1beta.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1beta.projects.html">projects</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.findings.html">findings</a></h1> |
| <h2>Instance Methods</h2> |
| <p class="toc_element"> |
| <code><a href="#close">close()</a></code></p> |
| <p class="firstline">Close httplib2 connections.</p> |
| <p class="toc_element"> |
| <code><a href="#get">get(name, x__xgafv=None)</a></code></p> |
| <p class="firstline">Gets a Finding.</p> |
| <p class="toc_element"> |
| <code><a href="#list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</a></code></p> |
| <p class="firstline">List Findings under a given ScanRun.</p> |
| <p class="toc_element"> |
| <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> |
| <p class="firstline">Retrieves the next page of results.</p> |
| <h3>Method Details</h3> |
| <div class="method"> |
| <code class="details" id="close">close()</code> |
| <pre>Close httplib2 connections.</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="get">get(name, x__xgafv=None)</code> |
| <pre>Gets a Finding. |
| |
| Args: |
| name: string, Required. The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required) |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # A Finding resource represents a vulnerability instance identified during a ScanRun. |
| "body": "A String", # The body of the request that triggered the vulnerability. |
| "description": "A String", # The description of the vulnerability. |
| "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected. |
| "findingType": "A String", # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner |
| "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any. |
| "actionUri": "A String", # ! The URI where to send the form when it's submitted. |
| "fields": [ # ! The names of form fields related to the vulnerability. |
| "A String", |
| ], |
| }, |
| "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. |
| "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. |
| "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase. |
| "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system. |
| "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries. |
| "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. |
| "A String", |
| ], |
| "libraryName": "A String", # The name of the outdated library. |
| "version": "A String", # The version number. |
| }, |
| "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability. |
| "severity": "A String", # The severity level of the reported vulnerability. |
| "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. |
| "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. |
| "contentType": "A String", # The MIME type of this resource. |
| "resourceUrl": "A String", # URL of this violating resource. |
| }, |
| "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers. |
| "headers": [ # List of vulnerable headers. |
| { # Describes a HTTP Header. |
| "name": "A String", # Header name. |
| "value": "A String", # Header value. |
| }, |
| ], |
| "missingHeaders": [ # List of missing headers. |
| { # Describes a HTTP Header. |
| "name": "A String", # Header name. |
| "value": "A String", # Header value. |
| }, |
| ], |
| }, |
| "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable. |
| "parameterNames": [ # The vulnerable parameter names. |
| "A String", |
| ], |
| }, |
| "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any. |
| "errorMessage": "A String", # An error message generated by a javascript breakage. |
| "stackTraces": [ # Stack traces leading to the point where the XSS occurred. |
| "A String", |
| ], |
| }, |
| "xxe": { # Information reported for an XXE. # An addon containing information reported for an XXE, if any. |
| "payloadLocation": "A String", # Location within the request where the payload was placed. |
| "payloadValue": "A String", # The XML string that triggered the XXE vulnerability. Non-payload values might be redacted. |
| }, |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list">list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)</code> |
| <pre>List Findings under a given ScanRun. |
| |
| Args: |
| parent: string, Required. The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required) |
| filter: string, Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='. |
| pageSize: integer, The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value. |
| pageToken: string, A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned. |
| x__xgafv: string, V1 error format. |
| Allowed values |
| 1 - v1 error format |
| 2 - v2 error format |
| |
| Returns: |
| An object of the form: |
| |
| { # Response for the `ListFindings` method. |
| "findings": [ # The list of Findings returned. |
| { # A Finding resource represents a vulnerability instance identified during a ScanRun. |
| "body": "A String", # The body of the request that triggered the vulnerability. |
| "description": "A String", # The description of the vulnerability. |
| "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected. |
| "findingType": "A String", # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner |
| "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any. |
| "actionUri": "A String", # ! The URI where to send the form when it's submitted. |
| "fields": [ # ! The names of form fields related to the vulnerability. |
| "A String", |
| ], |
| }, |
| "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. |
| "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. |
| "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase. |
| "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system. |
| "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries. |
| "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. |
| "A String", |
| ], |
| "libraryName": "A String", # The name of the outdated library. |
| "version": "A String", # The version number. |
| }, |
| "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability. |
| "severity": "A String", # The severity level of the reported vulnerability. |
| "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. |
| "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. |
| "contentType": "A String", # The MIME type of this resource. |
| "resourceUrl": "A String", # URL of this violating resource. |
| }, |
| "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers. |
| "headers": [ # List of vulnerable headers. |
| { # Describes a HTTP Header. |
| "name": "A String", # Header name. |
| "value": "A String", # Header value. |
| }, |
| ], |
| "missingHeaders": [ # List of missing headers. |
| { # Describes a HTTP Header. |
| "name": "A String", # Header name. |
| "value": "A String", # Header value. |
| }, |
| ], |
| }, |
| "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable. |
| "parameterNames": [ # The vulnerable parameter names. |
| "A String", |
| ], |
| }, |
| "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any. |
| "errorMessage": "A String", # An error message generated by a javascript breakage. |
| "stackTraces": [ # Stack traces leading to the point where the XSS occurred. |
| "A String", |
| ], |
| }, |
| "xxe": { # Information reported for an XXE. # An addon containing information reported for an XXE, if any. |
| "payloadLocation": "A String", # Location within the request where the payload was placed. |
| "payloadValue": "A String", # The XML string that triggered the XXE vulnerability. Non-payload values might be redacted. |
| }, |
| }, |
| ], |
| "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list. |
| }</pre> |
| </div> |
| |
| <div class="method"> |
| <code class="details" id="list_next">list_next(previous_request, previous_response)</code> |
| <pre>Retrieves the next page of results. |
| |
| Args: |
| previous_request: The request for the previous page. (required) |
| previous_response: The response from the request for the previous page. (required) |
| |
| Returns: |
| A request object that you can call 'execute()' on to request the next |
| page. Returns None if there are no more items in the collection. |
| </pre> |
| </div> |
| |
| </body></html> |
