Add ZAP Security Scan for nightly pipeline #1216

Merged May 15, 2020 (68 commits)

Commits
cd09efb
FPLA-1661: Setup security scan for nightly pipeline
douglasrice Apr 28, 2020
712c7a9
FPLA-1661: Typo in proxy description
douglasrice Apr 28, 2020
af13078
FPLA-1661: amendments
douglasrice Apr 28, 2020
cf84b0f
FPLA-1661: Changed descriptions to be more meaningful
douglasrice Apr 28, 2020
17d648d
FPLA-1661: output folder for security scan report
douglasrice Apr 28, 2020
a3531dc
FPLA-1661: Rename parameter securityRules to SECURITY_RULES
douglasrice Apr 28, 2020
d5f735d
FPLS-1661: Trying new report name
douglasrice Apr 28, 2020
6e62285
FPLA-1661: Integrate with Glue for ignoring false positives
douglasrice Apr 28, 2020
d82a862
FPLA-1661: Added a false positive to see if it works as expected
douglasrice Apr 28, 2020
f729ab1
FPLA-1661: Added a false positive to see if it works as expected
douglasrice Apr 28, 2020
db0f7e5
FPLA-1661: Admore more ignore false positives
douglasrice Apr 29, 2020
991871e
FPLA-1661: Admore more ignore false positives
douglasrice Apr 29, 2020
6bfa128
FPLA-1661: Add more more ignore false positives
douglasrice Apr 29, 2020
dad53dd
FPLA-1661: Add more more ignore false positives
douglasrice Apr 29, 2020
845e64d
FPLA-1661: Change to test for url only in config
douglasrice Apr 29, 2020
fa71ada
FPLA-1661: Change to test for url only in config
douglasrice Apr 29, 2020
f98e240
FPLA-1661: false positives
douglasrice Apr 29, 2020
c7faca6
FPLA-1661: false positives
douglasrice Apr 29, 2020
d550fc1
FPLA-1661: false positives
douglasrice Apr 29, 2020
62edb13
FPLA-1661: false positives
douglasrice Apr 29, 2020
6f8a003
FPLA-1661: false positives
douglasrice Apr 29, 2020
83d3a18
FPLA-1661: amend url from https to http
douglasrice Apr 29, 2020
0540f98
FPLA-1661: amend url from https to http
douglasrice Apr 29, 2020
e350d0a
FPLA-1661: false positives
douglasrice Apr 30, 2020
6fce8b6
FPLA-1661: false positives
douglasrice Apr 30, 2020
3507e0f
FPLA-1661: false positives
douglasrice Apr 30, 2020
ca9e93c
FPLA-1661: false positives
douglasrice Apr 30, 2020
ba1240d
FPLA-1661: false positives
douglasrice Apr 30, 2020
e58042b
FPLA-1661: false positives
douglasrice Apr 30, 2020
34275fa
FPLA-1661: false positives
douglasrice Apr 30, 2020
0c64acb
FPLA-1661: false positives
douglasrice Apr 30, 2020
c3785bb
FPLA-1661: false positives
douglasrice Apr 30, 2020
b979e1c
FPLA-1661: false positives
douglasrice Apr 30, 2020
11958a3
FPLA-1661: false positives
douglasrice Apr 30, 2020
0cecc56
FPLA-1661: false positives
douglasrice Apr 30, 2020
2eb9174
FPLA-1661: false positives
douglasrice Apr 30, 2020
def9500
FPLA-1661: false positives
douglasrice Apr 30, 2020
10cb6e8
FPLA-1661: false positives
douglasrice Apr 30, 2020
4b0ea92
FPLA-1661: false positives
douglasrice Apr 30, 2020
a76d139
FPLA-1661: false positives
douglasrice Apr 30, 2020
482012e
FPLA-1661: false positives
douglasrice Apr 30, 2020
bababc3
FPLA-1661: false positives
douglasrice Apr 30, 2020
8d32b88
FPLA-1661: false positives
douglasrice Apr 30, 2020
1d1e16d
FPLA-1661: false positives
douglasrice Apr 30, 2020
06882fa
FPLA-1661: false positives
douglasrice Apr 30, 2020
2aa5b47
FPLA-1661: false positives
douglasrice Apr 30, 2020
4defada
FPLA-1661: false positives
douglasrice Apr 30, 2020
2390bbd
removing zap-cli
satyachundur May 5, 2020
fc403c9
Update security.sh
satyachundur May 5, 2020
132abf2
Update security.sh
satyachundur May 5, 2020
a970e42
Update security.sh
satyachundur May 5, 2020
5dce42d
Update security.sh
satyachundur May 5, 2020
2ba1548
Update security.sh
satyachundur May 5, 2020
89417a1
Update audit.json
satyachundur May 5, 2020
3586718
Update audit.json
satyachundur May 5, 2020
95d48c8
FPLA-1661: Zap Security Scan implementation
douglasrice May 13, 2020
ce0e6cb
Zap security
douglasrice May 14, 2020
2f2d101
ZAP Security scanner
douglasrice May 14, 2020
a650b32
ZAP Security scanner
douglasrice May 15, 2020
a6aa9a3
ZAP Security scanner
douglasrice May 15, 2020
8f6452a
Merge branch 'master' into nightly-dev
douglasrice May 15, 2020
c44b13b
Merge branch 'master' into nightly-dev
douglasrice May 15, 2020
37a959d
ZAP Security scanner
douglasrice May 15, 2020
8964449
Merge branch 'nightly-dev' of github.com:hmcts/fpl-ccd-configuration …
douglasrice May 15, 2020
88096cb
ZAP Security scanner
douglasrice May 15, 2020
21bceeb
ZAP Security scanner
douglasrice May 15, 2020
a82b4bc
ZAP Security scanner
douglasrice May 15, 2020
0d4b05e
Merge branch 'master' into nightly-dev
douglasrice May 15, 2020

commit ba1240db2fe5c1e97bafb1fb712c6c878cc1354b
FPLA-1661: false positives
douglasrice committed Apr 30, 2020
20 changes: 19 additions & 1 deletion audit.json
Expand Up @@ -121,5 +121,23 @@
"90022_Application Error Disclosure_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/case-submission/about-to-submit_POST": "ignore",
"90022_Application Error Disclosure_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/placement/mid-event_POST": "ignore",
"100000_A Client Error response code was returned by the server_http://fpl-case-service-aat.service.core-compute-aat.internal/sendRPAEmailByID/caseId_POST": "ignore",
"100001_Unexpected Content-Type was returned_http://fpl-case-service-aat.service.core-compute-aat.internal/_GET": "ignore"
"100001_Unexpected Content-Type was returned_http://fpl-case-service-aat.service.core-compute-aat.internal/_GET": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/statement-of-service/about-to-start_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/placement/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/placement/submitted_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/create-order/submitted_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/action-cmo/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/send-document/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/add-hearing-bookings/mid-event_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/case-submission/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/draft-cmo/about-to-submit_POST", "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/enter-respondents/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/manage-representatives/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/notify-gatekeeper/about-to-start_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/case-initiation/submitted_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/enter-others/about-to-start_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/draft-standard-directions/about-to-submit_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/case-submission/about-to-start_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/comply-with-directions/about-to-start_POST": "ignore",
"90033_Loosely Scoped Cookie_http://fpl-case-service-aat.service.core-compute-aat.internal/callback/enter-others/about-to-submit_POST": "ignore"
}
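
Review bot: The added entry for callback/draft-cmo/about-to-submit_POST separates key and value with a comma instead of a colon (`...draft-cmo/about-to-submit_POST", "ignore",`), so audit.json is no longer valid JSON and a strict parser will reject the whole file, not only that entry; it should read `...draft-cmo/about-to-submit_POST": "ignore",` like its neighbours. Separately, the 18 new 90033 Loosely Scoped Cookie entries silence the same rule one callback URL at a time, and nothing in the change records why the finding is a false positive for this service. A short rationale next to the file or in the commit message would let a later reviewer distinguish a verified false positive from a finding that was only suppressed to get the nightly scan green.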