From a243ecb31763a2dca3ddbf8cf48190256ab5090c Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Sun, 24 Aug 2025 20:03:38 +0530 Subject: [PATCH 01/10] Added detection of Escaped XSS encodeURIComponent --- .../CrossSiteScriptingScanRule.java | 41 ++++++++++++++----- 1 file changed, 31 insertions(+), 10 deletions(-) diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index f75bb8d95a7..ebed1867920 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java @@ -74,6 +74,7 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin ALERT_TAGS = Collections.unmodifiableMap(alertTags); } + protected static final String GENERIC_ALERT = "alert(1)"; protected static final String GENERIC_SCRIPT_ALERT = ""; protected static final String GENERIC_ONERROR_ALERT = ""; protected static final String IMG_ONERROR_LOG = ""; @@ -92,7 +93,7 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin private static final List GENERIC_SCRIPT_ALERT_LIST = Arrays.asList( - GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); + GENERIC_ALERT, GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); private static final List GET_POST_TYPES = Arrays.asList(NameValuePair.TYPE_QUERY_STRING, NameValuePair.TYPE_POST_DATA); 
@@ -388,18 +389,33 @@ private void raiseAlert(int confidence, String param, HtmlContext ctx, String ot private boolean performDirectAttack(HttpMessage msg, String param) { for (String scriptAlert : GENERIC_SCRIPT_ALERT_LIST) { List contexts2 = performAttack(msg, param, "'\"" + scriptAlert, null, 0); - if (contexts2 == null) { - continue; - } - if (!contexts2.isEmpty()) { - // Yep, its vulnerable - if (processContexts(contexts2, param, scriptAlert, false)) { - return true; + List contexts3 = performAttack(msg, param, scriptAlert, null, 0); + if(contexts3 == null) { + if (contexts2 == null) { + continue; + } + if (!contexts2.isEmpty()) { + // Yep, its vulnerable + if (processContexts(contexts2, param, scriptAlert, false)) { + return true; + } + } + + if (isStop()) { + break; } } + else { + if (!contexts3.isEmpty()) { + // Yep, its vulnerable + if (processContexts(contexts3, param, scriptAlert, false)) { + return true; + } + } - if (isStop()) { - break; + if (isStop()) { + break; + } } } return false; @@ -974,6 +990,11 @@ public void scan(HttpMessage msg, String param, String value) { } else if ("script".equalsIgnoreCase(context.getParentTag())) { // its in a script tag... attackWorked = performScriptAttack(context, msg, param); + if (attackWorked) { + break; + } else { + attackWorked = performDirectAttack(msg, param); + } } else { // Try an img tag attackWorked = performImageTagAttack(context, msg, param); From 7a47dbf6a719d76ec95703831ac6a11ed69d7458 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Mon, 25 Aug 2025 00:18:27 +0530 Subject: [PATCH 02/10] Modified encodeURIComponent detection code --- addOns/ascanrules/CHANGELOG.md | 5 +++ .../CrossSiteScriptingScanRule.java | 45 +++++++++---------- 2 files changed, 25 insertions(+), 25 deletions(-) diff --git a/addOns/ascanrules/CHANGELOG.md b/addOns/ascanrules/CHANGELOG.md index cb603ea4cd8..01253a9be7a 100644 --- a/addOns/ascanrules/CHANGELOG.md +++ b/addOns/ascanrules/CHANGELOG.md 
@@ -26,6 +26,11 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - Scan rules which execute time based attacks now include the "TEST_TIMING" alert tag. - The XPath Injection scan rule now supports error patterns provided via the Custom Payloads add-on (Issue 8958). A minimum of Custom Payloads 0.15.0 is required to take advantage of this optional functionality. +## [73] - 2025-08-25 +### Added +- Detection of Escaped XSS /js/encodeURIComponent test. +- Payload of simple alert in performDirectAttack function. + ## [72] - 2025-06-20 ### Added - Some Postgres error messages in the SQL Injection scan rule. diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index ebed1867920..0b9d4f70b9b 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java @@ -93,7 +93,9 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin private static final List GENERIC_SCRIPT_ALERT_LIST = Arrays.asList( - GENERIC_ALERT, GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); + GENERIC_SCRIPT_ALERT, + GENERIC_NULL_BYTE_SCRIPT_ALERT, + GENERIC_ONERROR_ALERT); private static final List GET_POST_TYPES = Arrays.asList(NameValuePair.TYPE_QUERY_STRING, NameValuePair.TYPE_POST_DATA); 
@@ -387,35 +389,28 @@ private void raiseAlert(int confidence, String param, HtmlContext ctx, String ot } private boolean performDirectAttack(HttpMessage msg, String param) { + List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); + if (contexts3 != null && !contexts3.isEmpty()) { + if (processContexts(contexts3, param, GENERIC_ALERT, false)) { + return true; + } + } + for (String scriptAlert : GENERIC_SCRIPT_ALERT_LIST) { List contexts2 = performAttack(msg, param, "'\"" + scriptAlert, null, 0); - List contexts3 = performAttack(msg, param, scriptAlert, null, 0); - if(contexts3 == null) { - if (contexts2 == null) { - continue; - } - if (!contexts2.isEmpty()) { - // Yep, its vulnerable - if (processContexts(contexts2, param, scriptAlert, false)) { - return true; - } - } - - if (isStop()) { - break; - } + + if (contexts2 == null) { + continue; } - else { - if (!contexts3.isEmpty()) { - // Yep, its vulnerable - if (processContexts(contexts3, param, scriptAlert, false)) { - return true; - } + if (!contexts2.isEmpty()) { + // Yep, its vulnerable + if (processContexts(contexts2, param, scriptAlert, false)) { + return true; } + } - if (isStop()) { - break; - } + if (isStop()) { + break; } } return false; From c6635ca03a413a3c583d910d83e47c648f7fe777 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Mon, 25 Aug 2025 18:54:35 +0530 Subject: [PATCH 03/10] Updated Changelog --- addOns/ascanrules/CHANGELOG.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/addOns/ascanrules/CHANGELOG.md b/addOns/ascanrules/CHANGELOG.md index 01253a9be7a..4e2d1c27843 100644 --- a/addOns/ascanrules/CHANGELOG.md +++ b/addOns/ascanrules/CHANGELOG.md 
@@ -25,11 +25,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - The Cloud Metadata Potentially Exposed scan rules now has a CWE reference. - Scan rules which execute time based attacks now include the "TEST_TIMING" alert tag. - The XPath Injection scan rule now supports error patterns provided via the Custom Payloads add-on (Issue 8958). A minimum of Custom Payloads 0.15.0 is required to take advantage of this optional functionality. - -## [73] - 2025-08-25 -### Added -- Detection of Escaped XSS /js/encodeURIComponent test. -- Payload of simple alert in performDirectAttack function. +- Detection of Escaped XSS /js/encodeURIComponent test. Payload of simple alert in performDirectAttack function. ## [72] - 2025-06-20 ### Added From c495f995dbd01c24226c078e498abdf42d22a604 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Mon, 25 Aug 2025 21:45:25 +0530 Subject: [PATCH 04/10] Modified scriptAttack function to add the detection --- .../CrossSiteScriptingScanRule.java | 20 ++++++++----------- 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index 0b9d4f70b9b..0e5156c157d 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java 
@@ -389,13 +389,7 @@ private void raiseAlert(int confidence, String param, HtmlContext ctx, String ot } private boolean performDirectAttack(HttpMessage msg, String param) { - List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); - if (contexts3 != null && !contexts3.isEmpty()) { - if (processContexts(contexts3, param, GENERIC_ALERT, false)) { - return true; - } - } - + for (String scriptAlert : GENERIC_SCRIPT_ALERT_LIST) { List contexts2 = performAttack(msg, param, "'\"" + scriptAlert, null, 0); @@ -413,6 +407,7 @@ private boolean performDirectAttack(HttpMessage msg, String param) { break; } } + return false; } @@ -740,6 +735,12 @@ private boolean performScriptAttack(HtmlContext context, HttpMessage msg, String return true; } } + List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); + if (contexts3 != null && !contexts3.isEmpty()) { + if (processContexts(contexts3, param, GENERIC_ALERT, false)) { + return true; + } + } return false; } @@ -985,11 +986,6 @@ public void scan(HttpMessage msg, String param, String value) { } else if ("script".equalsIgnoreCase(context.getParentTag())) { // its in a script tag... attackWorked = performScriptAttack(context, msg, param); - if (attackWorked) { - break; - } else { - attackWorked = performDirectAttack(msg, param); - } } else { // Try an img tag attackWorked = performImageTagAttack(context, msg, param); From 58abe3084b3d9925755e65e0bfe38b1b7893b3a0 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Mon, 25 Aug 2025 23:06:28 +0530 Subject: [PATCH 05/10] Added unit test for xss in eval --- .../CrossSiteScriptingScanRuleUnitTest.java | 42 +++++++++++++++++++ 1 file changed, 42 insertions(+) diff --git a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java index 8b28fe6147f..2d7f82ddc39 100644 
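Review bot: The fallback appended to performScriptAttack sends the bare `alert(1)` probe and passes every context it comes back in to processContexts, but nothing in the hunk limits those contexts to the script sink the method was entered for; unless processContexts filters by context itself (its body is not on this page), a reflection of this purely alphanumeric string in ordinary body text would be reported exactly like a genuine eval-style injection, which is a false-positive path worth a guard or at least a comment. The block also deserves a why-comment, since a payload with no quotes or brackets is unusual here — the series and changelog point at values that survive encodeURIComponent-style escaping and still reach an eval — e.g. `// Bare alert(1): catches values that are quote/bracket-escaped but still end up in an eval-style sink`. The local name `contexts3` reads as a leftover from the earlier performDirectAttack draft; in this method something like `evalContexts` would say what it holds. performScriptAttack begins before the hunk.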
--- a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java +++ b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java @@ -2670,6 +2670,48 @@ protected Response serve(IHTTPSession session) { assertThat(alertsRaised.get(0).getConfidence(), equalTo(Alert.CONFIDENCE_MEDIUM)); } + @Test + void shouldReportXssInSriptAttackInEval() throws NullPointerException, IOException { + // Given + String test = "/shouldReportXssInSriptAttackInEval/"; + + this.nano.addHandler( + new NanoServerHandler(test) { + @Override + protected Response serve(IHTTPSession session) { + String q = getFirstParamValue(session, "q"); + String response; + if (q != null) { + // Make the eye catchers fail + response = + "\n" + + " \n" + + " \n" + + "\n" + + ""; + } else { + response = "No input provided"; + } + return newFixedLengthResponse(response); + } + }); + + HttpMessage msg = this.getHttpMessage(test + "?q=sample"); + this.rule.setConfig(new ZapXmlConfiguration()); + // When + this.rule.init(msg, this.parent); + this.rule.scan(); + // Then + assertThat(alertsRaised.size(), equalTo(1)); + assertThat(alertsRaised.get(0).getParam(), equalTo("q")); + assertThat(alertsRaised.get(0).getAttack(), containsString("alert(1)")); + assertThat(alertsRaised.get(0).getConfidence(), equalTo(Alert.CONFIDENCE_MEDIUM)); + } + @Override protected Path getResourcePath(String resourcePath) { return super.getResourcePath("crosssitescriptingscanrule/" + resourcePath); From 141ac0864214002950f9ff89f799650776d505b8 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Tue, 26 Aug 2025 17:51:47 +0530 Subject: [PATCH 06/10] Code Formatting --- .../CrossSiteScriptingScanRule.java | 10 ++++------ .../CrossSiteScriptingScanRuleUnitTest.java | 19 ++++++++++--------- 2 files changed, 14 insertions(+), 15 deletions(-) 
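Review bot: The assertion `containsString("alert(1)")` in the new test does not pin the new behaviour: if any of the other payloads in GENERIC_SCRIPT_ALERT_LIST also contain that substring (their bodies are not visible on this page), the test passes even when the bare probe never fired; `assertThat(alertsRaised.get(0).getAttack(), equalTo("alert(1)"));` would prove it, assuming the alert's attack field carries the payload unchanged. The method name drops a letter ("Sript") and `throws NullPointerException` declares an unchecked exception the body never produces; `void shouldReportXssInScriptAttackInEval() throws IOException {` is enough. The final patch in this series moves the response markup into a resource file but keeps this signature, so both fixes still apply there.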
diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index 0e5156c157d..461a5d155c9 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java @@ -93,9 +93,7 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin private static final List GENERIC_SCRIPT_ALERT_LIST = Arrays.asList( - GENERIC_SCRIPT_ALERT, - GENERIC_NULL_BYTE_SCRIPT_ALERT, - GENERIC_ONERROR_ALERT); + GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); private static final List GET_POST_TYPES = Arrays.asList(NameValuePair.TYPE_QUERY_STRING, NameValuePair.TYPE_POST_DATA); @@ -392,7 +390,7 @@ private boolean performDirectAttack(HttpMessage msg, String param) { for (String scriptAlert : GENERIC_SCRIPT_ALERT_LIST) { List contexts2 = performAttack(msg, param, "'\"" + scriptAlert, null, 0); - + if (contexts2 == null) { continue; } @@ -738,8 +736,8 @@ private boolean performScriptAttack(HtmlContext context, HttpMessage msg, String List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); if (contexts3 != null && !contexts3.isEmpty()) { if (processContexts(contexts3, param, GENERIC_ALERT, false)) { - return true; - } + return true; + } } return false; } diff --git a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java index 2d7f82ddc39..c857f699764 100644 --- a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java 
+++ b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java @@ -2684,15 +2684,16 @@ protected Response serve(IHTTPSession session) { if (q != null) { // Make the eye catchers fail response = - "\n" - + " \n" - + " \n" - + "\n" - + ""; + """ + + + + + + """ + .formatted(q); } else { response = "No input provided"; } From 6d6eae3537135bd8569c37ddc0394ad9a197f019 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Tue, 26 Aug 2025 17:53:08 +0530 Subject: [PATCH 07/10] Performed spotlessApply --- .../ascanrules/CrossSiteScriptingScanRule.java | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index 461a5d155c9..8987a7f165e 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java @@ -93,7 +93,9 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin private static final List GENERIC_SCRIPT_ALERT_LIST = Arrays.asList( - GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); + GENERIC_SCRIPT_ALERT, + GENERIC_NULL_BYTE_SCRIPT_ALERT, + GENERIC_ONERROR_ALERT); private static final List GET_POST_TYPES = Arrays.asList(NameValuePair.TYPE_QUERY_STRING, NameValuePair.TYPE_POST_DATA); @@ -387,10 +389,8 @@ private void raiseAlert(int confidence, String param, HtmlContext ctx, String ot } private boolean performDirectAttack(HttpMessage msg, String param) { - for (String scriptAlert : GENERIC_SCRIPT_ALERT_LIST) { List contexts2 = performAttack(msg, param, "'\"" + scriptAlert, null, 0); - if (contexts2 == null) { continue; } 
@@ -405,7 +405,6 @@ private boolean performDirectAttack(HttpMessage msg, String param) { break; } } - return false; } @@ -736,8 +735,8 @@ private boolean performScriptAttack(HtmlContext context, HttpMessage msg, String List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); if (contexts3 != null && !contexts3.isEmpty()) { if (processContexts(contexts3, param, GENERIC_ALERT, false)) { - return true; - } + return true; + } } return false; } From 354006bef81b9d427664d5691fe85964bc369903 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Wed, 27 Aug 2025 15:27:02 +0530 Subject: [PATCH 08/10] spotlessapply --- .../extension/ascanrules/CrossSiteScriptingScanRule.java | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java index 8987a7f165e..84b3b37c90c 100644 --- a/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java +++ b/addOns/ascanrules/src/main/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRule.java @@ -93,9 +93,7 @@ public class CrossSiteScriptingScanRule extends AbstractAppParamPlugin private static final List GENERIC_SCRIPT_ALERT_LIST = Arrays.asList( - GENERIC_SCRIPT_ALERT, - GENERIC_NULL_BYTE_SCRIPT_ALERT, - GENERIC_ONERROR_ALERT); + GENERIC_SCRIPT_ALERT, GENERIC_NULL_BYTE_SCRIPT_ALERT, GENERIC_ONERROR_ALERT); private static final List GET_POST_TYPES = Arrays.asList(NameValuePair.TYPE_QUERY_STRING, NameValuePair.TYPE_POST_DATA); @@ -735,8 +733,8 @@ private boolean performScriptAttack(HtmlContext context, HttpMessage msg, String List contexts3 = performAttack(msg, param, GENERIC_ALERT, null, 0); if (contexts3 != null && !contexts3.isEmpty()) { if (processContexts(contexts3, param, GENERIC_ALERT, false)) { - return true; - } + return true; + } } return false; } 
From 0e321a567dfbe68325e89409dbd2fdcb5d7bd9f5 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Wed, 27 Aug 2025 15:28:28 +0530 Subject: [PATCH 09/10] Changelog modified. --- addOns/ascanrules/CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/addOns/ascanrules/CHANGELOG.md b/addOns/ascanrules/CHANGELOG.md index 4e2d1c27843..6b72cf8ff0c 100644 --- a/addOns/ascanrules/CHANGELOG.md +++ b/addOns/ascanrules/CHANGELOG.md @@ -25,7 +25,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). - The Cloud Metadata Potentially Exposed scan rules now has a CWE reference. - Scan rules which execute time based attacks now include the "TEST_TIMING" alert tag. - The XPath Injection scan rule now supports error patterns provided via the Custom Payloads add-on (Issue 8958). A minimum of Custom Payloads 0.15.0 is required to take advantage of this optional functionality. -- Detection of Escaped XSS /js/encodeURIComponent test. Payload of simple alert in performDirectAttack function. +- The Cross Site Scripting scan rule has been updated for additional coverage of JavaScript eval situations. ## [72] - 2025-06-20 ### Added From 800f3ae47074e914e38ac22df362443b19a86397 Mon Sep 17 00:00:00 2001 From: Mukund Kedia Date: Thu, 28 Aug 2025 01:14:11 +0530 Subject: [PATCH 10/10] Modified the unit test response HTML --- .../CrossSiteScriptingScanRuleUnitTest.java | 16 ++++------------ .../InputInScriptEval.html | 7 +++++++ 2 files changed, 11 insertions(+), 12 deletions(-) create mode 100644 addOns/ascanrules/src/test/resources/org/zaproxy/zap/extension/ascanrules/crosssitescriptingscanrule/InputInScriptEval.html diff --git a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java index c857f699764..84d754d0fb5 100644 
--- a/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java +++ b/addOns/ascanrules/src/test/java/org/zaproxy/zap/extension/ascanrules/CrossSiteScriptingScanRuleUnitTest.java @@ -2683,19 +2683,11 @@ protected Response serve(IHTTPSession session) { String response; if (q != null) { // Make the eye catchers fail - response = - """ - - - - - - """ - .formatted(q); + response = getHtml( + "InputInScriptEval.html", + new String[][] {{"q", q}}); } else { - response = "No input provided"; + response = getHtml("NoInput.html"); } return newFixedLengthResponse(response); } diff --git a/addOns/ascanrules/src/test/resources/org/zaproxy/zap/extension/ascanrules/crosssitescriptingscanrule/InputInScriptEval.html b/addOns/ascanrules/src/test/resources/org/zaproxy/zap/extension/ascanrules/crosssitescriptingscanrule/InputInScriptEval.html new file mode 100644 index 00000000000..9f68b11c538 --- /dev/null +++ b/addOns/ascanrules/src/test/resources/org/zaproxy/zap/extension/ascanrules/crosssitescriptingscanrule/InputInScriptEval.html @@ -0,0 +1,7 @@ + + + + + \ No newline at end of file
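Review bot: The comment `// Make the eye catchers fail` now sits above a call that only loads `InputInScriptEval.html`, so the markup it was explaining is no longer beside it and a reader of the test cannot tell what the page models; either move the remark into the resource file or reword it at the call site, e.g. `// Page reflects q inside a script that evals it (see InputInScriptEval.html)`, if that is indeed what the resource contains. The new resource file is also committed without a trailing newline, which the rest of the test resources presumably have.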