The incoming YAML document exceeds the limit: 3145728 code points.


Matias Nielsen

Apr 11, 2024, 4:43:46 AM
to ZAP User Group
Hi!
Hope someone can help me. 

Trying to run an API scan from a Docker machine to our API in Swagger.

My results are kind of confusing. I'm getting:
Bad request to API endpoint [/JSON/openapi/action/importUrl/] from [0:0:0:0:0:0:0:1]:

Which comes from: The incoming YAML document exceeds the limit: 3145728 code points.

The command I'm running:

docker run -v $(pwd)/options.prop:/zap/wrk/options.prop \
-t ghcr.io/zaproxy/zaproxy:weekly zap-api-scan.py -t "<swagger definition>" \
-J test.json -s -d -f openapi -z "-configfile /zap/wrk/options.prop"

My props file:
replacer.full_list(1).description=xauth
replacer.full_list(1).enabled=true
replacer.full_list(1).matchtype=REQ_HEADER
replacer.full_list(1).matchstr=X-Xsrf-Token
replacer.full_list(1).regex=false
replacer.full_list(1).replacement=XXXXXX


Any ideas?

thc...@gmail.com

Apr 12, 2024, 4:43:50 AM
to zaprox...@googlegroups.com
Hi,

This is a known issue; the import is currently limited to a specific
size (security measure). We should increase the limit...

Best regards.
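
A pre-flight size check for the definition, as an added example that is not part of this thread or of ZAP's code: it counts code points (the unit in the error message, which differs from the byte size for non-ASCII text) and, assuming the definition is JSON held locally, reports how much of the count is formatting whitespace and which top-level sections are largest. `measure` and `build_sample` are hypothetical names, and the sample definition is constructed.

```python
import json

# Limit quoted in the error message on this page (code points, not bytes).
LIMIT_CODE_POINTS = 3145728


def measure(text):
    """Return size figures for an OpenAPI definition held in a str."""
    report = {
        "code_points": len(text),  # len() of a Python str counts code points
        "utf8_bytes": len(text.encode("utf-8")),
        "over_limit": len(text) > LIMIT_CODE_POINTS,
        "compact_code_points": None,
        "largest_sections": [],
    }
    try:
        doc = json.loads(text)
    except ValueError:
        return report  # not JSON (e.g. YAML): only the raw sizes are reported

    def compact(obj):
        # Re-serialize without indentation or separator spaces.
        return json.dumps(obj, separators=(",", ":"), ensure_ascii=False)

    report["compact_code_points"] = len(compact(doc))
    if isinstance(doc, dict):
        sizes = {key: len(compact(value)) for key, value in doc.items()}
        report["largest_sections"] = sorted(sizes.items(), key=lambda kv: -kv[1])[:3]
    return report


def build_sample(n_paths):
    """Constructed sample definition, pretty-printed like many generated specs."""
    operation = {"get": {"summary": "Ünïcode résumé",
                         "responses": {"200": {"description": "ok"}}}}
    doc = {"openapi": "3.0.0",
           "info": {"title": "sample", "version": "1"},
           "paths": {f"/items/{i}": operation for i in range(n_paths)}}
    return json.dumps(doc, indent=4, ensure_ascii=False)


if __name__ == "__main__":
    for name, value in measure(build_sample(20000)).items():
        print(f"{name}: {value}")
```

To check a real definition, read the saved file with `open(path, encoding="utf-8").read()` and pass the text to `measure`.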