404 status code in sitemap

130 views
Skip to first unread message

Mike

unread,
Apr 16, 2024, 7:11:50 AMApr 16
to ZAP User Group
Hello ZAP team!
Is there a way to exclude path analysis in a sitemap with status 404?
Sometimes, while using ZAP during crawling due to spider, requests with a 404 response status get into the sitemap. And when running active and passive scans on this sitemap, it unnecessarily increases the testing time. I managed to find a filter that excludes 404 when setting up active scanning. But is there a mechanism for not adding such paths to the sitemap, maybe it could be related to context, but I couldn't find anything. Are there mechanisms to solve this issue?

Thank you!

Mike

unread,
Apr 17, 2024, 4:57:57 AMApr 17
to ZAP User Group

Simon Bennetts

unread,
Apr 22, 2024, 7:29:18 AMApr 22
to ZAP User Group
Yes, thats the best option for now.

Cheers,

Simon

Mike

unread,
May 2, 2024, 10:34:43 AMMay 2
to ZAP User Group
Thank you very much for the reply!
But this only works for proxy scenarios, for example, if such urls appear as a result of spider, this script does not help :c

thc...@gmail.com

unread,
May 6, 2024, 2:39:59 AMMay 6
to zaprox...@googlegroups.com
At the moment it's not possible to filter them, but that's in the plans.

Best regards.

Mike

unread,
Jul 1, 2024, 4:20:01 AMJul 1
to ZAP User Group
Do I need to open an issue? could you provide me with basic information on this issue, I can participate in the development.

Simon Bennetts

unread,
Jul 9, 2024, 5:18:34 AMJul 9
to ZAP User Group
We already have https://github.com/zaproxy/zaproxy/issues/1174 which is kind of similar.
However maintaining 2 site trees will be non trivial and will take up more memory.
A better option might be to just filter requests out as they happen, so with no option to toggle between them.
We already do this for URLs via Network / Global Exclusions and for images via the Display options.
We would need to agree how it would work and what options we support.

Thoughts anyone?

Simon
Reply all
Reply to author
Forward
0 new messages