I'm using the OpenAPI support plugin to crawl REST API routes (/v1// on HTTP verbs) and run an automated scan. How can I specify and test the URL parameters of the API (limit, offset, pagesize, etc.)?
1 Answer
You could:
- Proxy manual use/exercise of the API.
- Proxy some automated functional tests of the API.
Then run an automated scan on the API use (verbs/params) that ZAP is now aware of.
Edit (2020-04-22): There is also currently an open PR which adds support for "example" param values in your OpenAPI definition.
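One way to script the "proxy some automated functional tests" option, as an added example that is not part of the original answer: it reads query parameters from an OpenAPI definition, fills them from `example`, schema `default`, or a type-based filler, and can replay the resulting requests through ZAP. The proxy address `127.0.0.1:8080`, the placeholder host `api.test.invalid`, the sample definition and all function names are assumptions.

```python
import contextlib
import urllib.error
import urllib.parse
import urllib.request

ZAP_PROXY = "http://127.0.0.1:8080"      # assumption: ZAP's local proxy address
BASE_URL = "http://api.test.invalid"     # assumption: placeholder for an API you own

SPEC = {"paths": {"/v1/items": {"get": {"parameters": [  # constructed sample definition
    {"name": "limit", "in": "query", "schema": {"type": "integer"}, "example": 25},
    {"name": "offset", "in": "query", "schema": {"type": "integer", "default": 0}},
    {"name": "pagesize", "in": "query", "schema": {"type": "integer"}},
    {"name": "X-Trace", "in": "header", "schema": {"type": "string"}},
]}}}}

FALLBACK = {"integer": 1, "number": 1.0, "boolean": "true", "string": "test"}
VERBS = {"get", "post", "put", "patch", "delete", "head", "options"}

def param_value(param):
    """Pick example, then schema example/default, then a type-based filler."""
    schema = param.get("schema", {})
    for candidate in (param.get("example"), schema.get("example"), schema.get("default")):
        if candidate is not None:        # keep legitimate falsy values such as 0
            return candidate
    return FALLBACK.get(schema.get("type"), "test")

def build_requests(spec, base_url=BASE_URL):
    """Return (METHOD, url) pairs with every declared query parameter filled in."""
    out = []
    for path, item in spec.get("paths", {}).items():
        shared = item.get("parameters", [])          # path-level parameters
        for verb, op in item.items():
            if verb in VERBS:                        # skip non-operation keys
                params = shared + op.get("parameters", [])
                query = {p["name"]: param_value(p) for p in params if p.get("in") == "query"}
                url = base_url + path + ("?" + urllib.parse.urlencode(query) if query else "")
                out.append((verb.upper(), url))
    return out

def send_via_zap(planned, proxy=ZAP_PROXY):
    """Replay the requests through ZAP so the parameters appear in its Sites tree."""
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({"http": proxy, "https": proxy}))
    for method, url in planned:
        with contextlib.suppress(urllib.error.HTTPError):  # error statuses are still recorded
            opener.open(urllib.request.Request(url, method=method), timeout=10).close()

if __name__ == "__main__":
    print(*build_requests(SPEC), sep="\n")           # offline: only lists the planned requests
```

With ZAP running, calling `send_via_zap(build_requests(SPEC))` makes ZAP aware of the verbs and parameters, after which the automated scan can be started on them.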