Zap not listening to http://localhost:3000/#/score-board

442 views
Skip to first unread message

vishal gurnaney

unread,
Jun 8, 2021, 2:17:54 PM6/8/21
to OWASP ZAP User Group
Hi,

I am using Juice Shop application, configured it on my localhost.
zap proxy and firefox is  127.0.0.1:8080.

Zap is able to scan all the traffic except the  http://localhost:3000/#/score-board

Is there a known issue, or I am  missing some configuration settings.


VG

unread,
Jun 8, 2021, 2:36:41 PM6/8/21
to OWASP ZAP User Group
Zap is able to scan only when I do a manual explore but not when i directly launch the application from Firefox browser.

kingthorin+owaspzap

unread,
Jun 8, 2021, 2:52:23 PM6/8/21
to OWASP ZAP User Group
You need to further configure Firefox when manually proxying locally. Remove `localhost` and `127.0.0.1` from the "No proxy for" box, and set `network.proxy.allow_hijacking_localhost` to `true` in `about:config`.

Simon Bennetts

unread,
Jun 9, 2021, 3:55:34 AM6/9/21
to OWASP ZAP User Group
Also, you will not see http://localhost:3000/#/score-board in the sites tree.
Anything after a # in a URL (the fragment) is not sent from the browser to the server so ZAP will not see it.
Reply all
Reply to author
Forward
0 new messages