Skip to content


Subversion checkout URL

You can clone with
Download ZIP


Update element and issue representation, logging and trust evaluation. #209

Zapotek opened this Issue · 0 comments

1 participant


The Issue object hasn't been updated in a long time for compatibility reasons but it's time to be cleaned up.

  • Clean up Element objects and Page (initializers are especially ugly).
  • The new Issue object should be:
    • Much closer to the cleaned up issues the WebUI is using.
    • Able to hold the vulnerable Element itself when possible (i.e. when it's an auditable input vector like a Link, Form, Cookie, Header or even Page) instead of a bunch of poorly worded attributes.
    • Able to hold the whole associated HTTP Request and Response objects.
  • Trust evaluation should be an operation performed on the issues themselves by meta-plugins (/default/meta/) instead of the plugins logging a list of issues which they think are untrustworthy and requiring the system to go looking for them in plugin results. The meta-plugins should bestow their opinion onto the issue along with a description and/or a reason why.
@Zapotek Zapotek was assigned
@Zapotek Zapotek referenced this issue from a commit
@Zapotek Zapotek discovery meta-analysis plugin:
  * Updated to add remarks to logged issues
  * Added spec

  [Issue #209]
@Zapotek Zapotek referenced this issue from a commit
@Zapotek Zapotek Elements: Cleaned up initializers and attribute names
[Issue #209]

Also refactored a bunch of other system components to accommodate
these changes.
@Zapotek Zapotek closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.