OpenAPI scan

Julia Khanbekova

Nov 10, 2025, 7:33:49 AM
to ZAP User Group
Hi, Simon,
I'm running an OpenAPI scan and encountered an issue with path parameter substitution.
I have an endpoint defined as /test/{test_id}/test
But during the scan, ZAP sends the request as:
POST /test//test
Content-Type: application/json
{"name":"ZAP","code":"John Doe","description":"Zaproxy alias impedit expedita quisquam pariatur exercitationem. Nemo rerum eveniet dolores rem quia dignissimos.","reference_group":"John Doe"}

ZAP doesn’t substitute the {test_id} parameter, even though it’s defined as required in the OpenAPI spec:
"/test/{test_id}/test":{
  "post":{
    "tags":["test","test test"],
    "summary":"test test",
    "description":"test test",
    "operationId":"post",
    "parameters":[{
      "name":"test_id",
      "in":"path",
      "description":"ID test",
      "required":true,
      "schema":{
        "type":"string",
        "format":"uuid"
      }
    }],
    "requestBody":{
      "content":{
        "application/json":{
          "schema":{
            "$ref":"#/***"
          }
        }
      },
      "required":true
    },
    "responses":{
      "400":{
        "description":"Bad Request",
        "content":{
          "*/*":{
            "schema":{
              "$ref":"#/***"
            }
          }
        }
      },
      "200":{
        "description":"OK",
        "content":{
          "application/json":{
            "schema":{
              "$ref":"#/***"
            }
          }
        }
      }
    }
  }
}

Could you please help me understand why ZAP doesn’t substitute the test_id value and sends /test//test instead?
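A way to check both sides of the report above, as an added example that is not part of the original post and is not ZAP code: the first function confirms that every `{name}` in a path template has a matching required `in: path` parameter, and the second compares a request path against the template and names the parameters that were sent as an empty segment. The function names are hypothetical, and the spec is a constructed, trimmed copy of the path item quoted in the post.

```python
import json
import re

# Constructed input: the path item from the post, trimmed to its parameter list.
SPEC = json.loads("""
{"paths": {"/test/{test_id}/test": {"post": {"parameters": [
  {"name": "test_id", "in": "path", "required": true,
   "schema": {"type": "string", "format": "uuid"}}]}}}}
""")

HTTP_METHODS = {"get", "put", "post", "delete", "options", "head", "patch", "trace"}
PLACEHOLDER = re.compile(r"\{([^{}/]+)\}")


def undeclared_path_params(spec):
    """Return (method, template, name) for each {name} in a path template
    that has no required in:path parameter on the operation or path item."""
    problems = []
    for template, item in spec.get("paths", {}).items():
        names = PLACEHOLDER.findall(template)
        shared = item.get("parameters", [])  # path-item level parameters
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue
            declared = {p.get("name") for p in shared + op.get("parameters", [])
                        if p.get("in") == "path" and p.get("required") is True}
            problems += [(method, template, n) for n in names if n not in declared]
    return problems


def empty_path_params(template, request_path):
    """Return the template parameters that request_path carries as an empty
    segment, or None if request_path does not fit the template at all."""
    parts = PLACEHOLDER.split(template)  # literal, name, literal, name, ...
    names = parts[1::2]
    pattern = "([^/]*)".join(re.escape(lit) for lit in parts[0::2])
    match = re.fullmatch(pattern, request_path.split("?", 1)[0])
    if match is None:
        return None
    return [n for n, value in zip(names, match.groups()) if value == ""]


if __name__ == "__main__":
    print("undeclared:", undeclared_path_params(SPEC))
    print("sent empty:", empty_path_params("/test/{test_id}/test", "/test//test"))
```
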