Project

General

Profile

Feature #76

Transaction system (to allow logins before scanning)

Added by Luke Murphey over 14 years ago. Updated almost 14 years ago.

Status:
New
Priority:
High
Assignee:
-
Category:
Scan Engine
Target version:
Start date:
Due date:
% Done:

0%


Description

Implement a transaction system that allows steps to be defined before a rule is evaluated. This would allow a script to "login" before checking the data.

History

#1 Updated by Luke Murphey over 14 years ago

  • Priority changed from Normal to High

#3 Updated by Luke Murphey over 14 years ago

The system needs to account for XSRF protection but loading the page and integrating extra fields into the field list. This will load XSRF key fields.

#4 Updated by Luke Murphey about 14 years ago

  • Category set to Scan Engine

#5 Updated by Luke Murphey almost 14 years ago

  • Start date deleted (04/09/2010)

#6 Updated by Luke Murphey almost 14 years ago

  • Subject changed from Transaction system to Transaction system (to allow logins before scanning)

Such a system needs to:

  • Account for XSRF prevention technologies
  • Capture the session ID (either in a cookie or a URL)
  • Provide HTTP credentials if necessary
  • Allow all fields (login, password, etc.) necessary to be specified
  • Logout of the session following the scan
  • Indicate that the session could not be created (log if authentication failed)

#7 Updated by Luke Murphey almost 14 years ago

  • Target version set to 1.1

Also available in: Atom PDF