Automation framework behind enterprise proxy

[daniel.l...@gmail.com]

Was wondering if it's possible to run the automation framework behind an enterprise proxy, and if so, how do I configure it?

I'm using docker, and running like this

` docker run --env http_proxy=http://myproxy.com:8080 --env https_proxy=http:// myproxy.com:8080 -v $(pwd):/zap/wrk/:rw -t owasp/zap2docker-bare zap.sh -cmd -autorun /zap/wrk/zap.yaml`

But it looks like the proxy is ignored, I'm getting connection timeout when the spider step kicks off. If I disconnect from the VPN, the spider works fine. 

[Simon Bennetts]

The Automation Framework doesnt support proxy configuration in the yaml file yet, but you can still set it via the ZAP command line options.

We have a FAQ for helping you find out what they should be: https://www.zaproxy.org/faq/how-do-you-find-out-what-key-to-use-to-set-a-config-value-on-the-command-line/

Cheers,

Simon

[daniel.l...@gmail.com]

Thanks, that worked! 

For anyone else looking 

zap.sh -cmd -autorun /zap/wrk/zap.yaml \

     -config connection.proxyChain.hostName=example.proxy.com \

     -config connection.proxyChain.port=8080

[Simon Bennetts]

Thanks for letting us know!

[Andy]

Hi Daniel,

In this you are defining the proxy chain. where can we define the actual website (which is behind proxy and we need to scan that. I would appreciate your help.

Thanks

Andy

[Simon Bennetts]

Answered on https://groups.google.com/g/zaproxy-users/c/upSnaHUQ4dc/m/QoXs96zaDQAJ

Please dont ask the same questions on multiple threads, it just gets too confusing.