how to exclude unnecessary URLs in ZAP html report

0
votes

We are using python selenium and OWASP ZAP API to scan the sites automatically. Finally we will use the code below to generate html issue report. 

file1.write(zap.core.htmlreport(apikey=apikey))

The only issue is, the report contains the too many unnecessary URLs, such as googleapis, facebook, typekit, etc...

We really want to exclude these URLs, we create a new ZAP context, and try to exclude the URLs as:

z.context.exclude_from_context(contextname=cname, regex=regex, apikey=apikey)

the regex is regular expression as :

^http(s)?:\/\/([a-z0-9\-]+.)+(facebook|google).(com|net)\/?

but it doesn't work.... The html still contains the URLs

Anyone could help me ? we want to exclude these URLs or only include the URLs we need in html report

1
securityowaspzap

1 Answers

1
votes

Just solved a similar problem to Python. I can offer what happened: "((http[s]?|ftp)://)?([^ -:/][^:/\s]+).\w+((/\w+)*/)([\w-.]+[^ \s:]+)?"

Also, there is a selection with regular expressions from different authors, maybe something will work, but they were not looking very smoothly: https://mathiasbynens.be/demo/url-regex

And here I tested, it turned out to be very convenient: https://regex101.com/