Skip to content

Commit 4356ba6

Browse files
Google APIscopybara-github
Google APIs
authored and
copybara-github
committed
feat: added NO_STARTING_URL_FOUND_FOR_MANAGED_SCAN to ScanRunWarningTrace.Code
fix: Added fix to return a list of the endpoints that encountered errors during crawl, along with the specific error message when the starting URL returns Http errors fix: GoogleAccount is deprecated PiperOrigin-RevId: 472758119
1 parent 88f2ea3 commit 4356ba6

10 files changed

Lines changed: 43 additions & 13 deletions

google/cloud/websecurityscanner/v1/crawled_url.proto

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.

google/cloud/websecurityscanner/v1/finding.proto

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -116,4 +116,7 @@ message Finding {
116116

117117
// Output only. An addon containing information reported for an XSS, if any.
118118
Xss xss = 14;
119+
120+
// Output only. An addon containing information reported for an XXE, if any.
121+
Xxe xxe = 18 [(google.api.field_behavior) = OUTPUT_ONLY];
119122
}

google/cloud/websecurityscanner/v1/finding_addon.proto

Lines changed: 20 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -145,3 +145,22 @@ message Xss {
145145
// The reproduction url for the seeding POST request of a Stored XSS.
146146
string stored_xss_seeding_url = 4;
147147
}
148+
149+
// Information reported for an XXE.
150+
message Xxe {
151+
// Locations within a request where XML was substituted.
152+
enum Location {
153+
// Unknown Location.
154+
LOCATION_UNSPECIFIED = 0;
155+
156+
// The XML payload replaced the complete request body.
157+
COMPLETE_REQUEST_BODY = 1;
158+
}
159+
160+
// The XML string that triggered the XXE vulnerability. Non-payload values
161+
// might be redacted.
162+
string payload_value = 1;
163+
164+
// Location within the request where the payload was placed.
165+
Location payload_location = 2;
166+
}

google/cloud/websecurityscanner/v1/finding_type_stats.proto

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.

google/cloud/websecurityscanner/v1/scan_config.proto

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -33,6 +33,8 @@ message ScanConfig {
3333
message Authentication {
3434
// Describes authentication configuration that uses a Google account.
3535
message GoogleAccount {
36+
option deprecated = true;
37+
3638
// Required. The user name of the Google account.
3739
string username = 1;
3840

@@ -76,7 +78,7 @@ message ScanConfig {
7678
// Authentication configuration
7779
oneof authentication {
7880
// Authentication using a Google account.
79-
GoogleAccount google_account = 1;
81+
GoogleAccount google_account = 1 [deprecated = true];
8082

8183
// Authentication using a custom account.
8284
CustomAccount custom_account = 2;
@@ -185,4 +187,7 @@ message ScanConfig {
185187
// Whether the scan configuration has enabled static IP address scan feature.
186188
// If enabled, the scanner will access applications from static IP addresses.
187189
bool static_ip_scan = 14;
190+
191+
// Whether to keep scanning even if most requests return HTTP error codes.
192+
bool ignore_http_status_errors = 15;
188193
}

google/cloud/websecurityscanner/v1/scan_config_error.proto

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.

google/cloud/websecurityscanner/v1/scan_run.proto

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.

google/cloud/websecurityscanner/v1/scan_run_error_trace.proto

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -31,7 +31,7 @@ option ruby_package = "Google::Cloud::WebSecurityScanner::V1";
3131
message ScanRunErrorTrace {
3232
// Output only.
3333
// Defines an error reason code.
34-
// Next id: 7
34+
// Next id: 8
3535
enum Code {
3636
// Default value is never used.
3737
CODE_UNSPECIFIED = 0;

google/cloud/websecurityscanner/v1/scan_run_warning_trace.proto

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -51,6 +51,9 @@ message ScanRunWarningTrace {
5151

5252
// Indicates that a scan is blocked by IAP.
5353
BLOCKED_BY_IAP = 4;
54+
55+
// Indicates that no seeds is found for a scan
56+
NO_STARTING_URL_FOUND_FOR_MANAGED_SCAN = 5;
5457
}
5558

5659
// Output only. Indicates the warning code.

google/cloud/websecurityscanner/v1/web_security_scanner.proto

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
// Copyright 2020 Google LLC
1+
// Copyright 2022 Google LLC
22
//
33
// Licensed under the Apache License, Version 2.0 (the "License");
44
// you may not use this file except in compliance with the License.
@@ -17,14 +17,14 @@ syntax = "proto3";
1717
package google.cloud.websecurityscanner.v1;
1818

1919
import "google/api/annotations.proto";
20+
import "google/api/client.proto";
2021
import "google/cloud/websecurityscanner/v1/crawled_url.proto";
2122
import "google/cloud/websecurityscanner/v1/finding.proto";
2223
import "google/cloud/websecurityscanner/v1/finding_type_stats.proto";
2324
import "google/cloud/websecurityscanner/v1/scan_config.proto";
2425
import "google/cloud/websecurityscanner/v1/scan_run.proto";
2526
import "google/protobuf/empty.proto";
2627
import "google/protobuf/field_mask.proto";
27-
import "google/api/client.proto";
2828

2929
option csharp_namespace = "Google.Cloud.WebSecurityScanner.V1";
3030
option go_package = "google.golang.org/genproto/googleapis/cloud/websecurityscanner/v1;websecurityscanner";

0 commit comments

Comments
 (0)