Shortcodes for updating a scan template through the REST API

Shortcodes

The REST API /jobs/{jobId}/dastconfig/updatescant updates a setting in a scan job. The 'scantNodeXpath' value is the XPath of the configuration node to update. For convenience, shortcodes are provided for some commonly used XPaths.

The shortcodes currently available for the 'updatescant' REST API in AppScan Enterprise are listed below:

Shortcode          XPath
StartingUrl        //ScanConfiguration/Application/StartingUrls/StartingUrl
LoginUsername      //ScanConfiguration/UserInput/FormFiller/Group[@LogicalName='InternalAppScanUserName']/Value
LoginPassword      //ScanConfiguration/UserInput/FormFiller/Group[@LogicalName='InternalAppScanPassword']/Value
LoginMethod        //ScanConfiguration/SessionManagement/SessionManagementMode
CustomHeaders      //ScanConfiguration/customHeaders
AccountLockout     //ScanConfiguration/AdvancedScanOptions/Group[@LogicalName='TestOptions']/Key[@LogicalName='AccountLockoutNumOfAttempts']@Value
AdditionalDomains  //ScanConfiguration/Application/AdditionalServers
Exclusions         //ScanConfiguration/ExploreFilters/RequestFilters

Usage examples

In these examples, scantNodeNewValue is the variable you change.

Change the starting URL:

{
  "scantNodeXpath": "StartingUrl",
  "scantNodeNewValue": "https://urlTest.com"
}
Change the login password:

{
  "scantNodeXpath": "LoginPassword",
  "scantNodeNewValue": "passwordTest",
  "encryptNodeValue": true
}
Change the exclusions:

{
  "scantNodeXpath": "Exclusions",
  "scantNodeNewValue": "<RequestFilter FilterType=\"Exclude\"><Description>Microsoft SharePoint site removal URL</Description><PathPattern><ConfigPattern IsRegularExpression=\"True\"><Pattern>.*/deleteweb.aspx</Pattern></ConfigPattern></PathPattern><ParametersPatterns /></RequestFilter><RequestFilter FilterType=\"Exclude\"><Description>test exclusion</Description><PathPattern><ConfigPattern IsRegularExpression=\"True\"><Pattern>.*/error.aspx</Pattern></ConfigPattern></PathPattern><ParametersPatterns /></RequestFilter>"
}

Note: Each exclusion has a description, a pattern, and an optional parameters pattern. The REST API overwrites any exclusions that are already configured, so the complete list of exclusions must be supplied with every addition. The same applies to every update of any configuration that holds multiple values.
Set custom headers:

{
  "scantNodeXpath": "CustomHeaders",
  "scantNodeNewValue": "<customHeader><Name>Authorization</Name><HeaderValue>Bearer {0}</HeaderValue><ExtractValueFromBodyRegEx>(?i)value\\s*[:|=]\\s*[\"|']([A-Fa-f0-9]{16})[\"|']</ExtractValueFromBodyRegEx><Enabled>True</Enabled><Type>2</Type></customHeader>"
}

Note: In this example, ExtractValueFromBodyRegEx is a regular expression that extracts a value from the response body. The capture group in the regular expression (the value between the parentheses) is inserted into 'HeaderValue', for example Authorization: Bearer <value of the group>
Set the depth limit:

{
  "scantNodeXpath": "//ScanConfiguration/ExploreFilters/DepthLimit",
  "shortcodeXPathValue": false,
  "scantNodeNewValue": "25"
}

Note: To update any configuration for which no shortcode is provided, add shortcodeXPathValue:false to the JSON body.
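As an added example (not part of this page or of any AppScan client library), the Python helper below builds the updatescant request bodies shown above: it adds shortcodeXPathValue:false for a raw XPath, flags the password for encryption, and serialises the complete exclusion list with correct XML and JSON quoting so the fragment survives as a single JSON string. The SHORTCODES set and the function names are assumptions made for this example.

```python
import json
from xml.etree import ElementTree as ET

# Shortcodes listed on this page (assumption: used here only to decide
# whether a raw XPath needs shortcodeXPathValue:false).
SHORTCODES = {"StartingUrl", "LoginUsername", "LoginPassword", "LoginMethod",
              "CustomHeaders", "AccountLockout", "AdditionalDomains", "Exclusions"}


def updatescant_body(xpath, new_value, encrypt=False):
    """Build the JSON body for POST /jobs/{jobId}/dastconfig/updatescant.

    Anything not in SHORTCODES is treated as a raw XPath and gets
    shortcodeXPathValue:false; secrets such as LoginPassword should be
    sent with encryptNodeValue:true so they are stored encrypted.
    """
    body = {"scantNodeXpath": xpath, "scantNodeNewValue": new_value}
    if xpath not in SHORTCODES:
        body["shortcodeXPathValue"] = False
    if encrypt:
        body["encryptNodeValue"] = True
    return body


def exclusions_value(exclusions):
    """Serialise the COMPLETE exclusion list as the RequestFilter fragment
    the Exclusions shortcode expects; the API replaces existing exclusions,
    so callers must pass every exclusion they want to keep."""
    parts = []
    for description, pattern in exclusions:
        rf = ET.Element("RequestFilter", FilterType="Exclude")
        ET.SubElement(rf, "Description").text = description
        cp = ET.SubElement(ET.SubElement(rf, "PathPattern"), "ConfigPattern",
                           IsRegularExpression="True")
        ET.SubElement(cp, "Pattern").text = pattern
        ET.SubElement(rf, "ParametersPatterns")  # optional, left empty here
        parts.append(ET.tostring(rf, encoding="unicode"))
    return "".join(parts)


if __name__ == "__main__":
    # Constructed sample: keep the existing exclusion and add one more.
    existing = [("Microsoft SharePoint site removal URL", ".*/deleteweb.aspx")]
    wanted = existing + [("test exclusion", ".*/error.aspx")]
    print(json.dumps(updatescant_body("Exclusions", exclusions_value(wanted)), indent=2))
    print(json.dumps(updatescant_body("//ScanConfiguration/ExploreFilters/DepthLimit", "25")))
    print(json.dumps(updatescant_body("LoginPassword", "passwordTest", encrypt=True)))
```

json.dumps escapes the embedded double quotes of the XML fragment, which is the part most often got wrong when the body is typed by hand.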