You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When using ZAP-Advanced with a custom session and/or auth script, the process throws errors:
Logs from zap-advanced-scan container in pod:
2022-05-23 12:16 ZapClient INFO : Loading new Script 'OIDCWithTokenExchange.js' at '/home/zap/.ZAP_D/scripts/scripts/authentication/OIDCWithTokenExchange.js' with type: 'authentication' and engine 'Oracle Nashorn'
2022-05-23 12:16 ZapClient INFO : Activating Script 'OIDCWithTokenExchange.js' with 'enabled: true'
2022-05-23 12:16 ZapClient WARNING : Failed to call ZAP Method ['script.enable'], result is: 'illegal_parameter'
2022-05-23 12:16 ZapConfigureContext INFO : Existing Users will be removed before adding new ones.
2022-05-23 12:16 ZapConfigureContext INFO : Configuring the ZAP session management (type=scriptBasedSessionManagement)
2022-05-23 12:16 ZapClient INFO : Loading new Script 'bap-session-management.js' at '/home/zap/.ZAP_D/scripts/scripts/session/bap-session-management.js' with type: 'session' and engine 'Oracle Nashorn'
2022-05-23 12:16 ZapClient INFO : Activating Script 'bap-session-management.js' with 'enabled: true'
2022-05-23 12:16 ZapClient WARNING : Failed to call ZAP Method ['script.enable'], result is: 'illegal_parameter'
Log from zap-sidecar:
32911 [ZAP-ProxyThread-23] WARN org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/script/action/remove/] from [0:0:0:0:0:0:0:1]:
org.zaproxy.zap.extension.api.ApiException: does_not_exist
at org.zaproxy.zap.extension.script.ScriptAPI.handleApiAction(ScriptAPI.java:367) ~[zap-2.11.1.jar:2.11.1]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:513) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.11.1.jar:2.11.1]
at java.lang.Thread.run(Thread.java:829) [?:?]
32965 [ZAP-ProxyThread-25] WARN org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/script/action/enable/] from [0:0:0:0:0:0:0:1]:
org.zaproxy.zap.extension.api.ApiException: illegal_parameter
at org.zaproxy.zap.extension.script.ScriptAPI.handleApiAction(ScriptAPI.java:291) ~[zap-2.11.1.jar:2.11.1]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:513) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.11.1.jar:2.11.1]
at java.lang.Thread.run(Thread.java:829) [?:?]
32979 [ZAP-ProxyThread-26] INFO org.zaproxy.zap.authentication.ScriptBasedAuthenticationMethodType - Loaded script for API:OIDCWithTokenExchange.js
34057 [ZAP-ProxyThread-35] WARN org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/script/action/remove/] from [0:0:0:0:0:0:0:1]:
org.zaproxy.zap.extension.api.ApiException: does_not_exist
at org.zaproxy.zap.extension.script.ScriptAPI.handleApiAction(ScriptAPI.java:367) ~[zap-2.11.1.jar:2.11.1]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:513) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.11.1.jar:2.11.1]
at java.lang.Thread.run(Thread.java:829) [?:?]
34089 [ZAP-ProxyThread-37] WARN org.zaproxy.zap.extension.api.API - Bad request to API endpoint [/JSON/script/action/enable/] from [0:0:0:0:0:0:0:1]:
org.zaproxy.zap.extension.api.ApiException: illegal_parameter
at org.zaproxy.zap.extension.script.ScriptAPI.handleApiAction(ScriptAPI.java:291) ~[zap-2.11.1.jar:2.11.1]
at org.zaproxy.zap.extension.api.API.handleApiRequest(API.java:513) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.processHttp(ProxyThread.java:497) [zap-2.11.1.jar:2.11.1]
at org.parosproxy.paros.core.proxy.ProxyThread.run(ProxyThread.java:333) [zap-2.11.1.jar:2.11.1]
at java.lang.Thread.run(Thread.java:829) [?:?]
34111 [ZAP-ProxyThread-38] INFO org.zaproxy.zap.session.ScriptBasedSessionManagementMethodType - Loaded script for API:bap-session-management.js
The scripts are used regardless of the errors, they appear to be cosmetic.
The text was updated successfully, but these errors were encountered:
🐞 Bug report
When using ZAP-Advanced with a custom session and/or auth script, the process throws errors:
Logs from zap-advanced-scan container in pod:
Log from zap-sidecar:
The scripts are used regardless of the errors, they appear to be cosmetic.
The text was updated successfully, but these errors were encountered: