ZAP UI Automation Framework env variables issues
324 views
Skip to first unread message
James M
Mar 28, 2023, 5:06:08 PM3/28/23
to OWASP ZAP User Group
Hello,
I am a big fan of the work that has been done on this tool, and the community it has built. I am trying to pass in a variable into the Environment Variable key:value box within the automation framework. This would be to add in "ZAP_AUTH_HEADER_VALUE" with a variable like: "Bearer 1234dfsb.fedgwe...".
After I upload the openapi json file, then run the active scan. I see that the Authorization header and values I entered before, do not show up in the request. From a docker ran scan, it would be pretty straight forward, I must be missing something here. This is on version 2.12.
Thanks,
James
Simon Bennetts
Mar 29, 2023, 4:42:56 AM3/29/23
to OWASP ZAP User Group
Hi James,
Thanks for the words of encouragement :)
Have you updated the add-ons?
There was a bug in the automation add-on regarding the authentication envvars but that has been fixed.
Cheers,
Simon
James M
Mar 30, 2023, 2:06:14 PM3/30/23
to OWASP ZAP User Group
Hello,
Yes I have the automation plugin up to date. Is the key that I am submitting correct? Ill try a new zap install to see if that fixes anything.
thc...@gmail.com
Mar 30, 2023, 2:46:49 PM3/30/23
to zaprox...@googlegroups.com
Note that that variable should be a system environment variable not one
of the plan. More details in:
https://www.zaproxy.org/docs/authentication/handling-auth-yourself/#authentication-env-vars
Best regards.
of the plan. More details in:
https://www.zaproxy.org/docs/authentication/handling-auth-yourself/#authentication-env-vars
Best regards.
Reply all
Reply to author
Forward
0 new messages