Skip to content

Latest commit

 

History

History
71 lines (53 loc) · 3.27 KB

CHANGELOG.md

File metadata and controls

71 lines (53 loc) · 3.27 KB
Raw

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

Added

  • Add css transitions to tool buttons so that they slide out when hovered over.
  • Initial support for WebSockets - this adds a new lower tab that shows all of the WebSocket messages proxied through ZAP
  • Added 'Info / Low / Medium / High' qualifications to the buttons of the Page and Site tools.
  • Add the option to launch the tutorial again from the HUD configuration page
  • Add a tutorial page for the HUD Configuration options
  • Add dialog which shows the full websocket message when selected in the table with the option to replay it

Fixed

  • Offset the growl alerts so that they don't block access to the buttons on the lower tab
  • The UI configs are now persisted to ZAP #321

0.3.0 - 2019-02-11

  • Many thanks to Matt Austin (@mattaustin) for reporting security vulnerabilities with the HUD and working with us to fix them.

Added

  • Add API endpoints for getting and setting UI options. #319
  • Add tasks for Enable, Show and Break tutorial pages
  • Add plain text/regex filtering capability to History section #233
  • Add tutorial index page #333
  • Add tutorial pages for tool configuration and the HTML report tool.
  • Add -hud ZAP command line option which launches Firefox configured to proxy through ZAP with the HUD enabled, for use in daemon mode

Fixed

  • Correct handling of upgraded domains on startup. #162
  • Stop the tutorial server when the add-on is uninstalled.
  • Perform stricter validation and filtering on messages from the target domain.

Changed

  • Use websockets instead of HTTP for all ZAP API calls
  • Replaced link to ZAP User Group with one to the new ZAP HUD group and added a desktop menu item for it.
  • Refresh HUD iframes individually instead of refreshing whole page

0.2.0 - 2018-12-31

Added

  • Add option to control on-domain messages. #294
  • Add HTML report tool. #312
  • Require cookie on all API calls

Changed

  • Changed Attack Mode icon to crosshairs. #221

Fixed

  • Upgraded vue.js to 2.5.21 and vue-i18n to 8.5.0

0.1.2 - 2018-12-17

Fixed

  • Fix bug where field alert flags don't show alert dialog. #290

0.1.1 - 2018-12-06

0.1.0 - 2018-12-03

First alpha release.