The incoming YAML document exceeds the limit: 3145728 code points.
147 views
Skip to first unread message
Matias Nielsen
Apr 11, 2024, 4:43:46 AMApr 11
to ZAP User Group
Hi!
Hope someone can help me.
Trying to run an api scan from a docker machine to our api in swagger.
My results are kind of confusing. I'm getting;
Bad request to API endpoint [/JSON/openapi/action/importUrl/] from [0:0:0:0:0:0:0:1]:
Which comes from The incoming YAML document exceeds the limit: 3145728 code points.
The command i'm running:
docker run -v $(pwd)/options.prop:/zap/wrk/options.prop \
-t ghcr.io/zaproxy/zaproxy:weekly zap-api-scan.py -t "<swagger definition>" \
-J test.json -s -d -f openapi -z "-configfile /zap/wrk/options.prop"
My props file:
replacer.full_list(1).description=xauth
replacer.full_list(1).enabled=true
replacer.full_list(1).matchtype=REQ_HEADER
replacer.full_list(1).matchstr=X-Xsrf-Token
replacer.full_list(1).regex=false
replacer.full_list(1).replacement=XXXXXX
Any ideas?
Hope someone can help me.
Trying to run an api scan from a docker machine to our api in swagger.
My results are kind of confusing. I'm getting;
Bad request to API endpoint [/JSON/openapi/action/importUrl/] from [0:0:0:0:0:0:0:1]:
Which comes from The incoming YAML document exceeds the limit: 3145728 code points.
The command i'm running:
docker run -v $(pwd)/options.prop:/zap/wrk/options.prop \
-t ghcr.io/zaproxy/zaproxy:weekly zap-api-scan.py -t "<swagger definition>" \
-J test.json -s -d -f openapi -z "-configfile /zap/wrk/options.prop"
My props file:
replacer.full_list(1).description=xauth
replacer.full_list(1).enabled=true
replacer.full_list(1).matchtype=REQ_HEADER
replacer.full_list(1).matchstr=X-Xsrf-Token
replacer.full_list(1).regex=false
replacer.full_list(1).replacement=XXXXXX
Any ideas?
thc...@gmail.com
Apr 12, 2024, 4:43:50 AMApr 12
to zaprox...@googlegroups.com
Hi,
This is a known issue, the import is currently limited to a specific
size (security measure). We should increase the limit...
Best regards.
This is a known issue, the import is currently limited to a specific
size (security measure). We should increase the limit...
Best regards.
Reply all
Reply to author
Forward
0 new messages