Update zap-java lib

iriusrisk · Jun 18, 2017 · 5fc7ef7 · 5fc7ef7
1 parent 8cc9e65
commit 5fc7ef7
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 2 deletions.
diff --git a/lib/zap-java-api-2.6.0.jar b/lib/zap-java-api-2.6.0.jar
diff --git a/src/test/java/net/continuumsecurity/steps/AppScanningSteps.java b/src/test/java/net/continuumsecurity/steps/AppScanningSteps.java
@@ -79,6 +79,7 @@ public void disableAllScanners() {
     public ZAProxyScanner getScanner() {
         if (scanner == null) {
             scanner = new ZAProxyScanner(Config.getInstance().getProxyHost(), Config.getInstance().getProxyPort(), Config.getInstance().getProxyApi());
+            scanner.setAttackMode();
         }
         return scanner;
     }

diff --git a/src/test/java/net/continuumsecurity/steps/WebApplicationSteps.java b/src/test/java/net/continuumsecurity/steps/WebApplicationSteps.java
@@ -207,6 +207,7 @@ public void clearProxy() {
     public LoggingProxy getProxy() {
         if (proxy == null)
             proxy = new ZAProxyScanner(Config.getInstance().getProxyHost(), Config.getInstance().getProxyPort(), Config.getInstance().getProxyApi());
+            proxy.setAttackMode();
         return proxy;
     }
 
@@ -479,8 +480,8 @@ private void checkAccessUsingCookieMethod(String sensitiveData) {
                     e.printStackTrace();
                     throw new RuntimeException("Could not copy Har request");
                 }
-                List<HarEntry> results = getProxy().makeRequest(manual, true);
-                results = getProxy().findInResponseHistory(sensitiveData);
+                getProxy().makeRequest(manual, false); //TODO change this to true once ZAP bug is fixed
+                List<HarEntry> results = getProxy().findInResponseHistory(sensitiveData);
                 accessible = results != null && results.size() > 0;
                 if (accessible) break;
             }