Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Scripts passed with the -script switch conflict with script folders #3094

Open
starbuck3000 opened this issue Dec 23, 2016 · 3 comments
Open

Scripts passed with the -script switch conflict with script folders #3094

starbuck3000 opened this issue Dec 23, 2016 · 3 comments
Labels
Component-Scripts enhancement Usability

Comments

@starbuck3000
Copy link

Steps:

  1. Launch ZAP GUI
  2. Add script folder in the list of script folders (options -> scripts -> add folder), i.e.: c:\zapscripts
  3. Create standalone zest script "justinbieber.zst" and store it in "c:\zapscripts\standalone\justinbieber.zst"
  4. Close ZAP GUI

Observed:
Path A) Execute: zap.bat -cmd -script c:\zapscripts\standalone\justinbieber.zst
ZAP returns silently.
Path B) Execute: zap.bat -script c:\zapscripts\standalone\justinbieber.zst
An exception is thrown in the console:
6915 [ZAP-BootstrapGUI] ERROR org.zaproxy.zap.extension.script.ExtensionScript - A script with the same name already exists: justinbieber.zst
java.security.InvalidParameterException: A script with the same name already exists: justinbieber.zst
at org.zaproxy.zap.extension.script.ScriptTreeModel.addScript(Unknown Source)
at org.zaproxy.zap.extension.script.ExtensionScript.addScript(Unknown Source)
at org.zaproxy.zap.extension.script.ExtensionScript.addScript(Unknown Source)
at org.zaproxy.zap.extension.script.ExtensionScript.openCmdLineFile(Unknown Source)
at org.zaproxy.zap.extension.script.ExtensionScript.execute(Unknown Source)
at org.parosproxy.paros.extension.ExtensionLoader.runCommandLine(Unknown Source)
at org.parosproxy.paros.control.Control.runCommandLine(Unknown Source)
at org.zaproxy.zap.GuiBootstrap.initControlAndPostViewInit(Unknown Source)
at org.zaproxy.zap.GuiBootstrap.access$100(Unknown Source)
at org.zaproxy.zap.GuiBootstrap$2.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)

Expected:
When a script is launched by an explicit call to the -script switch in the command line, it may show a clear intent from the user ("I want to execute this script"), therefore scripts marked for automated loading at start (i.e. no execution) should either be ignored/skipped or at least not trigger a conflict and result in a silent "ignore".
@thc202
Copy link
Member

thc202 commented Dec 26, 2016

Note that in "Path A" ZAP returns silently because in command line mode it does not write the log to standard output, the behaviour is the same though (i.e. it leads to an error).

I agree on the change of the behaviour. Any other opinions about that?

@thc202 thc202 changed the title Scripts passed with the -script switch conflict with script folders set in the GUI. Scripts passed with the -script switch conflict with script folders Dec 26, 2016
@starbuck3000
Copy link
Author

thank you!

@kingthorin
Copy link
Member

I agree with cli overriding previous gui setting. (Temporarily if possible.)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Component-Scripts enhancement Usability
Milestone
No milestone
Development

No branches or pull requests
3 participants
@starbuck3000 @thc202 @kingthorin