We are trying to scan APIs which has an open API definition:
I have some questions here :
1. From the UI if i try to import the Swagger Defnition we have 2 filed there :
a. The url where the open api defnition has to be imported
b. the actual target url
in the zap apiscan.py how can i pass these two parameter ? How can i see what all the endpoints imported from the open api defnition ? How can i see whether my form hanlder addon configurations are working fine ?
2. If use the zap UI api and import the api defnition it is working with the form handler confiuration .
but when i run zap as a daemon and use localapi , the form handler configurations are not working ? is there any way to add the form handler configuration here ?
docker run --name zap -d -u zap -p 8080:8080 -i owasp/zap2docker-stable zap.sh -daemon -host 0.0.0.0 -port 8080 -config formhandler.fields.field\\(0\\).fieldId=abcd -config formhandler.fields.field\\(0\\).value=efgh -config formhandler.fields.field\\(0\\).enabled=true -config formhandler.fields.field(1\\).fieldId=qqqq -config formhandler.fields.field\\(1\\).value=abcdefgh -config formhandler.fields.field\\(1\\).enabled=true -config
api.addrs.addr.name=.* -config api.addrs.addr.regex=true -config api.disablekey=true -config connection.timeoutInSecs=60