Merge pull request #61 from secureCodeBox/wurstbrot-patch-3

rfelber · web-flow · commit 3cfe6cbd31a7 · 2018-12-03T08:36:29.000+01:00
Correct usage of Zap rule REQ_HEADER
diff --git a/docs/user-guide/scanprocesses/Zap.md b/docs/user-guide/scanprocesses/Zap.md
@@ -96,10 +96,10 @@ A full example target looks like this:
          {
             matchType:"REQ_HEADER",
             description:"Add a special Authentication Header",
-            matchString:"Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l",
+            matchString:"Authorization",
             initiators:"",
             matchRegex:"false",
-            replacement:"Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l",
+            replacement:"Basic QWxhZGRpbjpPcGVuU2VzYW1l",
             enabled:"true"
          }
     ]

Original file line number	Diff line number	Diff line change
`@@ -96,10 +96,10 @@ A full example target looks like this:`
`96`	`96`	`{`
`97`	`97`	`matchType:"REQ_HEADER",`
`98`	`98`	`description:"Add a special Authentication Header",`
`99`		`- matchString:"Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l",`
	`99`	`+ matchString:"Authorization",`
`100`	`100`	`initiators:"",`
`101`	`101`	`matchRegex:"false",`
`102`		`- replacement:"Authorization: Basic QWxhZGRpbjpPcGVuU2VzYW1l",`
	`102`	`+ replacement:"Basic QWxhZGRpbjpPcGVuU2VzYW1l",`
`103`	`103`	`enabled:"true"`
`104`	`104`	`}`
`105`	`105`	`]`