Starting ZAP With Environment Variables in Daemon Mode?

20 views
Skip to first unread message

tedev test

unread,
Jul 29, 2022, 4:13:16 PMJul 29
to OWASP ZAP Developer Group
Does ZAP accept environment variables in daemon mode? For example, if I want to set the api key using an environment variable instead of passing in -config api.key=apikeyplaintext in the ZAP Headless with xvfb will ZAP be able to read in the environment variable? 

I've tried running the command with "zap-x.sh -daemon -host 0.0.0.0 -port 8080 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.key=ZAP_ENV_VAR" and it doesn't seem to be reading it in. Thanks!

psiinon

unread,
Aug 1, 2022, 3:17:36 AMAug 1
to OWASP ZAP Developer Group
ZAP itself does not handle en vars (except for for these authentication ones https://www.zaproxy.org/docs/authentication/handling-auth-yourself/#authentication-env-vars )
But you can get the shell to handle the env var - have you tried using "$ZAP_ENV_VAR" ?

Cheers,

Simon
Reply all
Reply to author
Forward
0 new messages