Merge pull request #1644 from zapbot/update-site-content

thc202 · web-flow · commit 026a8773e88c · 2025-01-24T18:07:17.000Z
Update site content
diff --git a/docs/getting-further/authentication/session-handling/index.html b/docs/getting-further/authentication/session-handling/index.html
@@ -144,7 +144,7 @@ <h1 class="text--white">Authentication - Session Handling</h1>
 <p><a href="/docs/desktop/start/features/sessionmanagement/">Session management</a> configuration is part of a ZAP context.</p>
 <ul>
 <li>In the ZAP desktop it is configured via the Context <a href="/docs/desktop/ui/dialogs/session/contexts/">Session Management</a> screen.</li>
-<li>In the <a href="/docs/automate/automation-framework/">Authentication Framework</a> it is part of a context defined in the <a href="/docs/desktop/addons/automation-framework/environment/">environment</a>.</li>
+<li>In the <a href="/docs/automate/automation-framework/">Automation Framework</a> it is part of a context defined in the <a href="/docs/desktop/addons/automation-framework/environment/">environment</a>.</li>
 <li>In the API it is configured via endpoints underneath the <a href="/docs/api/#zap-api-sessionmanagement">sessionManagement</a> component.</li>
 </ul>
 <p>ZAP supports Cookie and HTTP Authentication Session Management out of the box.</p>
diff --git a/search/index.json b/search/index.json
@@ -4973,7 +4973,7 @@
     "keywords": ["-","authentication","guide","handling","session"],
     "tags": ["authentication","guide"],
     "summary": "\u003cp\u003e\u003cscript type=\"text/javascript\" async src=\"https://play.vidyard.com/embed/v4.js\"\u003e\u003c/script\u003e\n\nIf ZAP is handling authentication then it needs to handle sessions as well - logging in is of no use if ZAP does not maintain the session as the target app will just treat ZAP as being unauthenticated.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"/docs/desktop/start/features/sessionmanagement/\"\u003eSession management\u003c/a\u003e configuration is part of a ZAP context.\u003c/p\u003e",
-    "content": "zap handling authentication then needs handle sessions logging use does not maintain session target app will just treat being unauthenticated management configuration part context desktop configured via screen framework defined environment api endpoints underneath sessionmanagement component supports cookie http out box your uses another mechanism you can that using custom script applications may implement serverside clientside both sides difficult test isolation typically need also configure before should always try auto detection first works nearly handled by headers straightforward getting hold tokens put harder do know what type application authenticate manually while proxying through look responses from headerbased arbitrary number used conjunction browser based all cookies set cookiebased see any setcookie returned likely make request verification url authenticated open manual editor dialog check there header when send indicates logged case remove response longer other such which wwwauthenticate authorization above automatically performed making requests ajax spider dom xss scanner rule cannot reason inject into selenium scripts video explains demonstrates how up owasp juice shop: previous finding next methods "
+    "content": "zap handling authentication then needs handle sessions logging use does not maintain session target app will just treat being unauthenticated management configuration part context desktop configured via screen automation framework defined environment api endpoints underneath sessionmanagement component supports cookie http out box your uses another mechanism you can that using custom script applications may implement serverside clientside both sides difficult test isolation typically need also configure before should always try auto detection first works nearly handled by headers straightforward getting hold tokens put harder do know what type application authenticate manually while proxying through look responses from headerbased arbitrary number used conjunction browser based all cookies set cookiebased see any setcookie returned likely make request verification url authenticated open manual editor dialog check there header when send indicates logged case remove response longer other such which wwwauthenticate authorization above automatically performed making requests ajax spider dom xss scanner rule cannot reason inject into selenium scripts video explains demonstrates how up owasp juice shop: previous finding next methods "
     },
 {
     "url": "/docs/alerts/10105-1/",

Original file line number	Diff line number	Diff line change
`@@ -4973,7 +4973,7 @@`
`4973`	`4973`	`"keywords": ["-","authentication","guide","handling","session"],`
`4974`	`4974`	`"tags": ["authentication","guide"],`
`4975`	`4975`	"summary": "\u003cp\u003e\u003cscript type=\"text/javascript\" async src=\"https://play.vidyard.com/embed/v4.js\"\u003e\u003c/script\u003e\n\nIf ZAP is handling authentication then it needs to handle sessions as well - logging in is of no use if ZAP does not maintain the session as the target app will just treat ZAP as being unauthenticated.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"/docs/desktop/start/features/sessionmanagement/\"\u003eSession management\u003c/a\u003e configuration is part of a ZAP context.\u003c/p\u003e",
`4976`		- "content": "zap handling authentication then needs handle sessions logging use does not maintain session target app will just treat being unauthenticated management configuration part context desktop configured via screen framework defined environment api endpoints underneath sessionmanagement component supports cookie http out box your uses another mechanism you can that using custom script applications may implement serverside clientside both sides difficult test isolation typically need also configure before should always try auto detection first works nearly handled by headers straightforward getting hold tokens put harder do know what type application authenticate manually while proxying through look responses from headerbased arbitrary number used conjunction browser based all cookies set cookiebased see any setcookie returned likely make request verification url authenticated open manual editor dialog check there header when send indicates logged case remove response longer other such which wwwauthenticate authorization above automatically performed making requests ajax spider dom xss scanner rule cannot reason inject into selenium scripts video explains demonstrates how up owasp juice shop: previous finding next methods "
	`4976`	+ "content": "zap handling authentication then needs handle sessions logging use does not maintain session target app will just treat being unauthenticated management configuration part context desktop configured via screen automation framework defined environment api endpoints underneath sessionmanagement component supports cookie http out box your uses another mechanism you can that using custom script applications may implement serverside clientside both sides difficult test isolation typically need also configure before should always try auto detection first works nearly handled by headers straightforward getting hold tokens put harder do know what type application authenticate manually while proxying through look responses from headerbased arbitrary number used conjunction browser based all cookies set cookiebased see any setcookie returned likely make request verification url authenticated open manual editor dialog check there header when send indicates logged case remove response longer other such which wwwauthenticate authorization above automatically performed making requests ajax spider dom xss scanner rule cannot reason inject into selenium scripts video explains demonstrates how up owasp juice shop: previous finding next methods "
`4977`	`4977`	`},`
`4978`	`4978`	`{`
`4979`	`4979`	`"url": "/docs/alerts/10105-1/",`