Project

General

Profile

Feature #76

Transaction system (to allow logins before scanning)

Added by Luke Murphey over 11 years ago. Updated almost 11 years ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Scan Engine
Target version:
Start date:
Due date:
% Done:

0%


Description

Implement a transaction system that allows steps to be defined before a rule is evaluated. This would allow a script to "login" before checking the data.

History

#1 Updated by Luke Murphey over 11 years ago

  • Priority changed from Normal to High

#3 Updated by Luke Murphey over 11 years ago

The system needs to account for XSRF protection but loading the page and integrating extra fields into the field list. This will load XSRF key fields.

#4 Updated by Luke Murphey about 11 years ago

  • Category set to Scan Engine

#5 Updated by Luke Murphey almost 11 years ago

  • Start date deleted (04/09/2010)

#6 Updated by Luke Murphey almost 11 years ago

  • Subject changed from Transaction system to Transaction system (to allow logins before scanning)

Such a system needs to:

  • Account for XSRF prevention technologies
  • Capture the session ID (either in a cookie or a URL)
  • Provide HTTP credentials if necessary
  • Allow all fields (login, password, etc.) necessary to be specified
  • Logout of the session following the scan
  • Indicate that the session could not be created (log if authentication failed)

#7 Updated by Luke Murphey almost 11 years ago

  • Target version set to 1.1

Also available in: Atom PDF