Custom Header tab
The Custom Headers tab of Parameters and Cookies view in the Configuration dialog box.
About this task
The third tab of Explore: Parameters and Cookies view lets you define non-standard (custom) HTTP header formats. AppScan® must be able to identify parameters in response content and correctly add them to headers it sends to the site, in order to be able to test the site effectively. It attempts to recognize custom headers automatically, but you can use this tab to add and modify the definitions. You can also activate or deactivate existing definitions (when deactivated the definition is saved with the scan but not used).
Procedure
The Add/Edit Custom Header dialog box opens. Its fields and options are described in the table following.
Setting |
Description |
---|---|
Select header... |
If requests have been recorded, and AppScan has identified a custom header, it will appear in a drop-down list at the top of the dialog box. If no custom headers have been found, this drop-down list does not appear. If you select a header from this list, the remaining fields are filled automatically. |
Header Name |
The HTTP header name. |
Track Type |
|
Login/Dynamic/Fixed |
|
Value |
(Fixed only) Enter the value. |
Format |
(Dynamic only) Define the format of the full header, with one or more groups for the dynamic
values, starting with |
Regular expression |
(Dynamic only) Regexp defining the values in the site's response. Must include a group for each value defined in the Format field. |
Regular expression review pane |
(Dynamic only) Click to expand. Use this pane to validate your regexp. Enter the full response in the upper field, and the lower field will display groups identified, and their values. |
Header Validation |
Indicates whether or not the header definition has been successfully validated for use when scanning. |