Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Passing unknown codes with one that does not exist made the call fail
See original GitHub issueDescribe the bug
When using the API to disabler scanners in batch, when one does not exist, it does apply the for the others.
https://www.zaproxy.org/docs/api/#ascanactiondisablescanners
Steps to reproduce the behavior
curl http://zap:8080/JSON/ascan/action/disableScanners/?ids=10016,10017
Note that 10016 does not exist for the default policies for the weekly docker image.
This will return a warning
968900 [ZAP-IO-EventExecutor-3-6] WARN org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/ascan/action/disableScanners/] from [127.0.0.1]:
org.zaproxy.zap.extension.api.ApiException: does_not_exist
at org.zaproxy.zap.extension.ascan.ActiveScanAPI.getScannerFromId(ActiveScanAPI.java:854) ~[zap-D-2022-04-25.jar:D-2022-04-25]
at org.zaproxy.zap.extension.ascan.ActiveScanAPI.setScannersEnabled(ActiveScanAPI.java:781) ~[zap-D-2022-04-25.jar:D-2022-04-25]
at org.zaproxy.zap.extension.ascan.ActiveScanAPI.handleApiAction(ActiveScanAPI.java:447) ~[zap-D-2022-04-25.jar:D-2022-04-25]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:516) ~[zap-D-2022-04-25.jar:D-2022-04-25]
at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleApiRequest(ZapApiHandler.java:93) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.handlers.ZapApiHandler.handleRequest(ZapApiHandler.java:67) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.handlers.HttpRequestHandler.handleMessage0(HttpRequestHandler.java:32) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.handlers.HttpIncludedMessageHandler.handleMessage(HttpIncludedMessageHandler.java:32) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.notifyMessageHandlers(MainServerHandler.java:118) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.processMessage(MainServerHandler.java:100) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.LocalServerHandler.processMessage(LocalServerHandler.java:63) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.process(MainServerHandler.java:83) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.channelRead0(MainServerHandler.java:72) ~[?:?]
at org.zaproxy.addon.network.internal.server.http.MainServerHandler.channelRead0(MainServerHandler.java:37) ~[?:?]
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:99) ~[?:?]
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:379) ~[?:?]
at io.netty.channel.AbstractChannelHandlerContext.access$600(AbstractChannelHandlerContext.java:61) ~[?:?]
at io.netty.channel.AbstractChannelHandlerContext$7.run(AbstractChannelHandlerContext.java:370) ~[?:?]
at io.netty.util.concurrent.DefaultEventExecutor.run(DefaultEventExecutor.java:66) ~[?:?]
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:986) ~[?:?]
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74) ~[?:?]
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) ~[?:?]
at java.lang.Thread.run(Thread.java:829) ~[?:?]
The curl to see if it 10017 was disabled :
curl localhost:8080/JSON/ascan/view/scanners/ | jq | grep -H10 10017
Expected behavior
Disable known scanner ids even though some are unknown.
Software versions
FROM owasp/zap2docker-weekly:w2022-04-25
Screenshots
No response
Errors from the zap.log file
No response
Additional context
No response
Would you like to help fix this issue?
- Yes
Issue Analytics
- State:
- Created a year ago
- Comments:7 (3 by maintainers)
Top Results From Across the Web
Error codes in Device Manager in Windows - Microsoft Support
Lists the error codes that may be reported by Device Manager and the possible resolutions in Windows.
Read more >Errors | Node.js v19.2.0 Documentation
It is used when catching an error and throwing a new one with a different message or code in order to still have...
Read more >Handling the 'Object Does Not Exist' Error - SmartBear Support
The “Object Does Not Exist” message indicates that the tested application differs from the state it had during test recording or test creation....
Read more >8. Errors and Exceptions — Python 3.11.1 documentation
The last line of the error message indicates what happened. Exceptions come in different types, and the type is printed as part of...
Read more >Error handling in Step Functions - AWS Documentation
States can report errors with other names. However, these error names can't begin with the States. prefix. As a best practice, ensure production...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Yes.
This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.