a way to check if zap.openapi.import_file() completed?
16 views
Skip to first unread message
Jeremy Choi
Sep 10, 2021, 3:36:28 AM9/10/21
to OWASP ZAP User Group
Hi folks
I'm testing with the import openAPI function using the python API.
It seems the function, zap.openapi.import_file(), returns async before importing is actually completed, is there a way to check if importing has been completed?
Thanks!
thc...@gmail.com
Sep 10, 2021, 6:06:13 AM9/10/21
to zaprox...@googlegroups.com
Hi.
When using the API the imports are done synchronously.
Could you provide more details about the behaviour you are seeing?
Best regards.
When using the API the imports are done synchronously.
Could you provide more details about the behaviour you are seeing?
Best regards.
Jeremy Choi
Sep 20, 2021, 6:11:16 PM9/20/21
to OWASP ZAP User Group
Hi
I noticed no alert(even a passive scanning rule alert) had been included in the report if I get a report, using zap.core.xmlreport(), right after import, using zap.openapi.import_file()
If I do sleep() for a few seconds between import and generating report, the alerts are included. That's why I thought it would work async. If it's not the case, could you give any hint on that?
Thanks!
thc...@gmail.com
Sep 20, 2021, 6:31:02 PM9/20/21
to zaprox...@googlegroups.com
Hi.
The passive scan might not finish at the same time as the import, you
need to check/wait for the passive scan to finish by polling
zap.pscan.records_to_scan, e.g.:
https://github.com/zaproxy/zap-api-python/blob/1f2b7725ad27f93e5b036e0c63e0a6fef0a2223a/src/examples/basic-spider-scan.py
Best regards.
The passive scan might not finish at the same time as the import, you
need to check/wait for the passive scan to finish by polling
zap.pscan.records_to_scan, e.g.:
https://github.com/zaproxy/zap-api-python/blob/1f2b7725ad27f93e5b036e0c63e0a6fef0a2223a/src/examples/basic-spider-scan.py
Best regards.
Reply all
Reply to author
Forward
0 new messages