1<html><body> 2<style> 3 4body, h1, h2, h3, div, span, p, pre, a { 5 margin: 0; 6 padding: 0; 7 border: 0; 8 font-weight: inherit; 9 font-style: inherit; 10 font-size: 100%; 11 font-family: inherit; 12 vertical-align: baseline; 13} 14 15body { 16 font-size: 13px; 17 padding: 1em; 18} 19 20h1 { 21 font-size: 26px; 22 margin-bottom: 1em; 23} 24 25h2 { 26 font-size: 24px; 27 margin-bottom: 1em; 28} 29 30h3 { 31 font-size: 20px; 32 margin-bottom: 1em; 33 margin-top: 1em; 34} 35 36pre, code { 37 line-height: 1.5; 38 font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace; 39} 40 41pre { 42 margin-top: 0.5em; 43} 44 45h1, h2, h3, p { 46 font-family: Arial, sans serif; 47} 48 49h1, h2, h3 { 50 border-bottom: solid #CCC 1px; 51} 52 53.toc_element { 54 margin-top: 0.5em; 55} 56 57.firstline { 58 margin-left: 2 em; 59} 60 61.method { 62 margin-top: 1em; 63 border: solid 1px #CCC; 64 padding: 1em; 65 background: #EEE; 66} 67 68.details { 69 font-weight: bold; 70 font-size: 14px; 71} 72 73</style> 74 75<h1><a href="websecurityscanner_v1alpha.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1alpha.projects.html">projects</a> . <a href="websecurityscanner_v1alpha.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1alpha.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1alpha.projects.scanConfigs.scanRuns.findings.html">findings</a></h1> 76<h2>Instance Methods</h2> 77<p class="toc_element"> 78 <code><a href="#get">get(name, x__xgafv=None)</a></code></p> 79<p class="firstline">Gets a Finding.</p> 80<p class="toc_element"> 81 <code><a href="#list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</a></code></p> 82<p class="firstline">List Findings under a given ScanRun.</p> 83<p class="toc_element"> 84 <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p> 85<p class="firstline">Retrieves the next page of results.</p> 86<h3>Method Details</h3> 87<div class="method"> 88 <code class="details" id="get">get(name, x__xgafv=None)</code> 89 <pre>Gets a Finding. 90 91Args: 92 name: string, Required. 93The resource name of the Finding to be returned. The name follows the 94format of 95'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required) 96 x__xgafv: string, V1 error format. 97 Allowed values 98 1 - v1 error format 99 2 - v2 error format 100 101Returns: 102 An object of the form: 103 104 { # A Finding resource represents a vulnerability instance identified during a 105 # ScanRun. 106 "body": "A String", # Output only. 107 # The body of the request that triggered the vulnerability. 108 "xss": { # Information reported for an XSS. # Output only. 109 # An addon containing information reported for an XSS, if any. 110 "stackTraces": [ # Stack traces leading to the point where the XSS occurred. 111 "A String", 112 ], 113 "errorMessage": "A String", # An error message generated by a javascript breakage. 114 }, 115 "outdatedLibrary": { # Information reported for an outdated library. # Output only. 116 # An addon containing information about outdated libraries. 117 "libraryName": "A String", # The name of the outdated library. 118 "version": "A String", # The version number. 119 "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. 120 "A String", 121 ], 122 }, 123 "name": "A String", # Output only. 124 # The resource name of the Finding. The name follows the format of 125 # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. 126 # The finding IDs are generated by the system. 127 "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. 128 # An addon containing detailed information regarding any resource causing the 129 # vulnerability such as JavaScript sources, image, audio files, etc. 130 # as JavaScript sources, image, audio files, etc. 131 "contentType": "A String", # The MIME type of this resource. 132 "resourceUrl": "A String", # URL of this violating resource. 133 }, 134 "finalUrl": "A String", # Output only. 135 # The URL where the browser lands when the vulnerability is detected. 136 "findingType": "A String", # Output only. 137 # The type of the Finding. 138 "fuzzedUrl": "A String", # Output only. 139 # The URL produced by the server-side fuzzer and used in the request that 140 # triggered the vulnerability. 141 "httpMethod": "A String", # Output only. 142 # The http method of the request that triggered the vulnerability, in 143 # uppercase. 144 "vulnerableParameters": { # Information about vulnerable request parameters. # Output only. 145 # An addon containing information about request parameters which were found 146 # to be vulnerable. 147 "parameterNames": [ # The vulnerable parameter names. 148 "A String", 149 ], 150 }, 151 "trackingId": "A String", # Output only. 152 # The tracking ID uniquely identifies a vulnerability instance across 153 # multiple ScanRuns. 154 "frameUrl": "A String", # Output only. 155 # If the vulnerability was originated from nested IFrame, the immediate 156 # parent IFrame is reported. 157 "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. 158 # An addon containing information about vulnerable or missing HTTP headers. 159 "missingHeaders": [ # List of missing headers. 160 { # Describes a HTTP Header. 161 "name": "A String", # Header name. 162 "value": "A String", # Header value. 163 }, 164 ], 165 "headers": [ # List of vulnerable headers. 166 { # Describes a HTTP Header. 167 "name": "A String", # Header name. 168 "value": "A String", # Header value. 169 }, 170 ], 171 }, 172 "reproductionUrl": "A String", # Output only. 173 # The URL containing human-readable payload that user can leverage to 174 # reproduce the vulnerability. 175 "description": "A String", # Output only. 176 # The description of the vulnerability. 177 }</pre> 178</div> 179 180<div class="method"> 181 <code class="details" id="list">list(parent, pageSize=None, pageToken=None, x__xgafv=None, filter=None)</code> 182 <pre>List Findings under a given ScanRun. 183 184Args: 185 parent: string, Required. 186The parent resource name, which should be a scan run resource name in the 187format 188'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required) 189 pageSize: integer, The maximum number of Findings to return, can be limited by server. 190If not specified or not positive, the implementation will select a 191reasonable value. 192 pageToken: string, A token identifying a page of results to be returned. This should be a 193`next_page_token` value returned from a previous List request. 194If unspecified, the first page of results is returned. 195 x__xgafv: string, V1 error format. 196 Allowed values 197 1 - v1 error format 198 2 - v2 error format 199 filter: string, The filter expression. The expression must be in the format: <field> 200<operator> <value>. 201Supported field: 'finding_type'. 202Supported operator: '='. 203 204Returns: 205 An object of the form: 206 207 { # Response for the `ListFindings` method. 208 "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no 209 # more results in the list. 210 "findings": [ # The list of Findings returned. 211 { # A Finding resource represents a vulnerability instance identified during a 212 # ScanRun. 213 "body": "A String", # Output only. 214 # The body of the request that triggered the vulnerability. 215 "xss": { # Information reported for an XSS. # Output only. 216 # An addon containing information reported for an XSS, if any. 217 "stackTraces": [ # Stack traces leading to the point where the XSS occurred. 218 "A String", 219 ], 220 "errorMessage": "A String", # An error message generated by a javascript breakage. 221 }, 222 "outdatedLibrary": { # Information reported for an outdated library. # Output only. 223 # An addon containing information about outdated libraries. 224 "libraryName": "A String", # The name of the outdated library. 225 "version": "A String", # The version number. 226 "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. 227 "A String", 228 ], 229 }, 230 "name": "A String", # Output only. 231 # The resource name of the Finding. The name follows the format of 232 # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. 233 # The finding IDs are generated by the system. 234 "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only. 235 # An addon containing detailed information regarding any resource causing the 236 # vulnerability such as JavaScript sources, image, audio files, etc. 237 # as JavaScript sources, image, audio files, etc. 238 "contentType": "A String", # The MIME type of this resource. 239 "resourceUrl": "A String", # URL of this violating resource. 240 }, 241 "finalUrl": "A String", # Output only. 242 # The URL where the browser lands when the vulnerability is detected. 243 "findingType": "A String", # Output only. 244 # The type of the Finding. 245 "fuzzedUrl": "A String", # Output only. 246 # The URL produced by the server-side fuzzer and used in the request that 247 # triggered the vulnerability. 248 "httpMethod": "A String", # Output only. 249 # The http method of the request that triggered the vulnerability, in 250 # uppercase. 251 "vulnerableParameters": { # Information about vulnerable request parameters. # Output only. 252 # An addon containing information about request parameters which were found 253 # to be vulnerable. 254 "parameterNames": [ # The vulnerable parameter names. 255 "A String", 256 ], 257 }, 258 "trackingId": "A String", # Output only. 259 # The tracking ID uniquely identifies a vulnerability instance across 260 # multiple ScanRuns. 261 "frameUrl": "A String", # Output only. 262 # If the vulnerability was originated from nested IFrame, the immediate 263 # parent IFrame is reported. 264 "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only. 265 # An addon containing information about vulnerable or missing HTTP headers. 266 "missingHeaders": [ # List of missing headers. 267 { # Describes a HTTP Header. 268 "name": "A String", # Header name. 269 "value": "A String", # Header value. 270 }, 271 ], 272 "headers": [ # List of vulnerable headers. 273 { # Describes a HTTP Header. 274 "name": "A String", # Header name. 275 "value": "A String", # Header value. 276 }, 277 ], 278 }, 279 "reproductionUrl": "A String", # Output only. 280 # The URL containing human-readable payload that user can leverage to 281 # reproduce the vulnerability. 282 "description": "A String", # Output only. 283 # The description of the vulnerability. 284 }, 285 ], 286 }</pre> 287</div> 288 289<div class="method"> 290 <code class="details" id="list_next">list_next(previous_request, previous_response)</code> 291 <pre>Retrieves the next page of results. 292 293Args: 294 previous_request: The request for the previous page. (required) 295 previous_response: The response from the request for the previous page. (required) 296 297Returns: 298 A request object that you can call 'execute()' on to request the next 299 page. Returns None if there are no more items in the collection. 300 </pre> 301</div> 302 303</body></html>