ZAP UI Improvements Feedback

[Najam Ul Saqib]

Hi,

I am creating this post to discuss the potential areas to improve the look and feel of ZAP; we've heard this from people many times but haven't received anything concrete to work on.

I am beginning with the thing that I have felt, the top bar looks very crowded and confusing (even with me being the user of ZAP for years now) you only know about the functionality when you hover over the button, and if you want to know every button you need to hover over each one by one which is not very user friendly.

Maybe, we group these buttons, or have some drop down where each icon is displayed with its title for better understanding. Today during pentest, I was trying to split the request and response windows side-by-side and was finding it in the request and response tab whereas its in the main tab bar hidden in form of an icon which is very difficult to find.

Moreover, ZAP needs to be given a modern and sleek look which we need to work on.

[psiinon]

Thanks for starting this thread!

Looking forward to what other sugggestions people add...

[josehkly]

Hi,

Feel free to look at the ZAP UI evaluation thread: https://groups.google.com/g/zaproxy-develop/c/Kf7bIxtuMIk

Concerning your ideas with the top bar I think we could all agree that the icons that feature a drop down list should have a down arrow symbol, similar to what we can see in IDEs.

The best way for an user to learn a system concerning labeling is mixing both icons with text labels. However, it is not always possible to do so and here the bar is indeed almost too crowded.

An oportunity for them to better learn the system would be to repeat the correponding icon in the menu bar. Good candidates could be the layout icons.

Another option could be to put them on the right to make a better distinction by location of this particular icon group, but it could be against fits law to put them to far away from the main panel. 

------- Original Message -------

--
You received this message because you are subscribed to the Google Groups "ZAP Developer Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to zaproxy-devel...@googlegroups.com.
To view this discussion on the web, visit https://groups.google.com/d/msgid/zaproxy-develop/7fe3658f-89ba-4782-805b-1a2219e21827n%40googlegroups.com.

[Najam Ul Saqib]

Impressive work in the evaluation document, josehkly!

[Najam Ul Saqib]

While using ZAP today I again felt the need to de-clutter the top bar in ZAP, I think what we can start with is this selection of icons

 

All of them refer to same thing i.e. alignment of tabs in UI, so why not combine them together in a drop-down or something that merges them together in a menu? Having one icon that combines these options together is gonna help reduce the load from the bar and maybe we can include text with icons as well if we manage to reduce the number of icons.

Similarly we have multiple icons for session i.e. save, open, properties, etc. Why not combine them in one dropdown? Thoughts?

[psiinon]

I'm all for decluttering the top toolbar :)

It would be nice to make this user configurable, but we would still need to have a sane default.

One option would be to add telemetry to all of the buttons and see which are used most often?

I think the first set you mentioned are a good candidate for merging into a pulldown button or similar.

I'm not so sure about Open / Save / Options etc.

Comparing with other tools is always a good idea - anyone up for that?

Cheers,

Simon

[Najam Ul Saqib]

If we can add telemetry, that can be a great source of feedback for us. Maybe, we end up removing some of the items even due to very low usage.

May I create two issues on repo? One for telemetry addition and other for merging the alignment buttons in a pulldown button?

[psiinon]

Got for it :)

Telemetry is relatively easy to add, its just a case of finding all of the relevant places.

Cheers,

Simon

[samcker dodi]

i want to suggest also a small changes in ZAP ui 

1- make separate search box at the bottom for request and response in all tabs (request and response - requester - ...etc)

2- make line wrapping always allowed even the response is too long 

3- also need special view for graphql or SAML requests  
thanks 

[Najam Ul Saqib]

+1 for line wrapping enabled by default

[thc...@gmail.com]

You only need to change to your preference once, the option state is
persisted (if not that would be a bug).

Best regards.

[thc...@gmail.com]

2 - It's disabled to prevent hangs of the GUI, allowing to re-enable
would be counterproductive.

Best regards.

[Najam Ul Saqib]

Why word wrap is disabled for some response?

[thc...@gmail.com]

As mentioned in the previous reply, "It's disabled to prevent hangs of
the GUI".

Word wrapping long lines/big messages leads to performance issues (that
should also be mentioned in the footer of the response).

Best regards.

[Najam Ul Saqib]

Does it mean long messages cant be word-wrapped in ZAP?

[psiinon]

They can, but it can lead to performance issues.