Short Codes to update scan template through REST API
Short Codes
The REST API /jobs/{jobId}/dastconfig/updatescant is used to update a setting in scan jobs. The 'scantNodeXpath' value indicates the XPath of the configuration to be updated. For ease of use, short codes are provided for a few commonly used XPaths.
The following table lists the Short Codes currently available for the 'updatescant' REST API in AppScan Enterprise:
Short Codes | XPath |
---|---|
StartingUrl | //ScanConfiguration/Application/StartingUrls/StartingUrl |
LoginUsername | //ScanConfiguration/UserInput/FormFiller/Group[@LogicalName='InternalAppScanUserName']/Value |
LoginPassword | //ScanConfiguration/UserInput/FormFiller/Group[@LogicalName='InternalAppScanPassword']/Value |
LoginMethod | //ScanConfiguration/SessionManagement/SessionManagementMode |
CustomHeaders | //ScanConfiguration/customHeaders |
AccountLockout | //ScanConfiguration/AdvancedScanOptions/Group [@LogicalName='TestOptions']/Key [@LogicalName='AccountLockoutNumOfAttempts']@Value |
AdditionalDomains | //ScanConfiguration/Application/AdditionalServers |
Exclusions | //ScanConfiguration/ExploreFilters/RequestFilters |
Usage Examples
In these examples, the scantNodeNewValue is the variable that can be changed.
Changing the starting URL:
{
"scantNodeXpath":"StartingUrl",
"scantNodeNewValue":"https://urlTest.com"
}
Changing the login password:
{
"scantNodeXpath":"LoginPassword",
"scantNodeNewValue":"passwordTest",
"encryptNodeValue":true
}
Changing the exclusions:
{
"scantNodeXpath":"Exclusions",
"scantNodeNewValue":"<RequestFilter FilterType=\"Exclude\"><Description>Microsoft SharePoint site removal URL</Description><PathPattern><ConfigPattern IsRegularExpression=\"True\"><Pattern>.*/deleteweb.aspx</Pattern></ConfigPattern></PathPattern><ParametersPatterns /></RequestFilter><RequestFilter FilterType=\"Exclude\"><Description>test exclusion</Description><PathPattern><ConfigPattern IsRegularExpression=\"True\"><Pattern>.*/error.aspx</Pattern></ConfigPattern></PathPattern><ParametersPatterns /></RequestFilter>"
}
Note: Every exclusion has a description, a pattern, and parameter patterns, which are optional. The REST API overwrites any existing exclusions that are configured, so the complete list of exclusions must be provided with every addition. This applies to updates of all configurations that have multiple values.
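An added example (not part of the product documentation) that builds the Exclusions request body in Python: it merges the exclusions already configured with the new ones, because the API overwrites the list, and lets the XML and JSON libraries do the escaping. The function names and the third sample exclusion are assumptions made for illustration; sending the request is left out.

```python
import json
import xml.etree.ElementTree as ET

def request_filter(description, pattern):
    """Serialize one <RequestFilter> in the shape used by the exclusions example."""
    rf = ET.Element("RequestFilter", FilterType="Exclude")
    ET.SubElement(rf, "Description").text = description
    cfg = ET.SubElement(ET.SubElement(rf, "PathPattern"), "ConfigPattern",
                        IsRegularExpression="True")
    ET.SubElement(cfg, "Pattern").text = pattern   # '&', '<' are XML-escaped here
    ET.SubElement(rf, "ParametersPatterns")        # optional, left empty
    return ET.tostring(rf, encoding="unicode")

def exclusions_body(current, additions):
    """Return the JSON body for the Exclusions short code.

    The update replaces whatever is configured, so the body must carry the
    current exclusions plus the additions. Duplicate patterns are dropped.
    """
    merged, seen = [], set()
    for description, pattern in list(current) + list(additions):
        if pattern in seen:
            continue
        seen.add(pattern)
        merged.append(request_filter(description, pattern))
    # json.dumps escapes the double quotes inside the XML fragment.
    return json.dumps({"scantNodeXpath": "Exclusions",
                       "scantNodeNewValue": "".join(merged)})

def patterns_in(body):
    """Parse a body back and list its patterns, as a check before sending."""
    value = json.loads(body)["scantNodeNewValue"]
    root = ET.fromstring("<root>" + value + "</root>")
    return [p.text for p in root.iter("Pattern")]

# Constructed sample data: the first two entries mirror the example above,
# the third is made up to show escaping of '&'.
CURRENT = [("Microsoft SharePoint site removal URL", ".*/deleteweb.aspx")]
NEW = [("test exclusion", ".*/error.aspx"),
       ("constructed: logout with query", r".*/logout\.aspx\?a=1&b=2")]

if __name__ == "__main__":
    body = exclusions_body(CURRENT, NEW)
    print(body)
    print(patterns_in(body))
```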
Setting a custom header:
{
"scantNodeXpath":"CustomHeaders",
"scantNodeNewValue":"<customHeader><Name>Authorization</Name><HeaderValue>Bearer {0}</HeaderValue><ExtractValueFromBodyRegEx>(?i)value\\s*[:|=]\\s*[\"|']([A-Fa-f0-9]{16})[\"|']</ExtractValueFromBodyRegEx><Enabled>True</Enabled><Type>2</Type></customHeader>"
}
Note: In this example, ExtractValueFromBodyRegEx is a regular expression that extracts a value from the response body. The group within the regular expression (the value between the round brackets) is inserted into the 'HeaderValue', like Authorization: Bearer <value of the group>
Setting a Depth Limit:
{
"scantNodeXpath":"//ScanConfiguration/ExploreFilters/DepthLimit",
"shortcodeXPathValue":false,
"scantNodeNewValue":"25"
}
Note: To update any configuration that does not have a Short Code provided, add shortcodeXPathValue:false to the JSON in the body.