Starting ZAP With Environment Variables in Daemon Mode?

372 views

Skip to first unread message

tedev test

unread,

Jul 29, 2022, 4:13:16 PM7/29/22

to OWASP ZAP Developer Group

Does ZAP accept environment variables in daemon mode? For example, if I want to set the api key using an environment variable instead of passing in -config api.key=apikeyplaintext in the ZAP Headless with xvfb will ZAP be able to read in the environment variable?

I've tried running the command with "zap-x.sh -daemon -host 0.0.0.0 -port 8080 -config api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.key=ZAP_ENV_VAR" and it doesn't seem to be reading it in. Thanks!

psiinon

unread,

Aug 1, 2022, 3:17:36 AM8/1/22

to OWASP ZAP Developer Group

ZAP itself does not handle en vars (except for for these authentication ones https://www.zaproxy.org/docs/authentication/handling-auth-yourself/#authentication-env-vars )

But you can get the shell to handle the env var - have you tried using "$ZAP_ENV_VAR" ?

Cheers,

Simon

Reply all

Reply to author

Forward

0 new messages