Merge pull request #126 from psiinon/master

Update for ZAP 2.16.0

Author: thc202

CHANGELOG.md

@@ -3,7 +3,9 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 
-## [Unreleased]
+## [0.4.0] - 2025-01-20
+### Changed
+- Update APIs for 2.16.
 
 ## [0.3.2] - 2024-06-04
 ### Fixed
@@ -181,7 +183,7 @@ ensure it's automatically sent in all API requests.
 ### Changed
 - Moved from the main `zaproxy` repository.
 
-[Unreleased]: https://github.com/zaproxy/zap-api-python/compare/0.3.2...HEAD
+[0.4.0]: https://github.com/zaproxy/zap-api-python/compare/0.3.2...0.4.0
 [0.3.2]: https://github.com/zaproxy/zap-api-python/compare/0.3.1...0.3.2
 [0.3.1]: https://github.com/zaproxy/zap-api-python/compare/0.3.0...0.3.1
 [0.3.0]: https://github.com/zaproxy/zap-api-python/compare/0.2.0...0.3.0

src/zapv2/__init__.py

@@ -45,6 +45,7 @@
 from .httpSessions import httpSessions
 from .localProxies import localProxies
 from .network import network
+from .oast import oast
 from .openapi import openapi
 from .params import params
 from .pnh import pnh
@@ -111,6 +112,7 @@ def __init__(self, proxies=None, apikey=None, validate_status_code=False):
         self.httpsessions = httpSessions(self)
         self.localProxies = localProxies(self)
         self.network = network(self)
+        self.oast = oast(self)
         self.openapi = openapi(self)
         self.params = params(self)
         self.pnh = pnh(self)

src/zapv2/accessControl.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/acsrf.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/ajaxSpider.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -150,6 +150,13 @@ def option_click_elems_once(self):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'ajaxSpider/view/optionClickElemsOnce/')))
 
+    @property
+    def option_enable_extensions(self):
+        """
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'ajaxSpider/view/optionEnableExtensions/')))
+
     @property
     def option_random_inputs(self):
         """
@@ -283,6 +290,12 @@ def set_option_click_elems_once(self, boolean, apikey=''):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'ajaxSpider/action/setOptionClickElemsOnce/', {'Boolean': boolean})))
 
+    def set_option_enable_extensions(self, boolean, apikey=''):
+        """
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'ajaxSpider/action/setOptionEnableExtensions/', {'Boolean': boolean})))
+
     def set_option_event_wait(self, integer, apikey=''):
         """
         Sets the time to wait after an event (in milliseconds). For example: the wait delay after the cursor hovers over an element, in order for a menu to display, etc.

src/zapv2/alert.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/alertFilter.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/ascan.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/authentication.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/authorization.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/automation.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/autoupdate.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/brk.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/context.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/core.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/custompayloads.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2024 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/exim.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -55,6 +55,20 @@ def import_modsec_2_logs(self, filepath, apikey=''):
         """
         return six.next(six.itervalues(self.zap._request(self.zap.base + 'exim/action/importModsec2Logs/', {'filePath': filepath})))
 
+    def export_sites_tree(self, filepath, apikey=''):
+        """
+        Exports the Sites Tree in the Sites Tree YAML format.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'exim/action/exportSitesTree/', {'filePath': filepath})))
+
+    def prune_sites_tree(self, filepath, apikey=''):
+        """
+        Prunes the Sites Tree based on a file in the Sites Tree YAML format.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'exim/action/pruneSitesTree/', {'filePath': filepath})))
+
     def export_har(self, baseurl=None, start=None, count=None, apikey=''):
         """
         Gets the HTTP messages sent through/by ZAP, in HAR format, optionally filtered by URL and paginated with 'start' position and 'count' of messages

src/zapv2/forcedUser.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/httpSessions.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/network.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/oast.py

@@ -0,0 +1,111 @@
+# Zed Attack Proxy (ZAP) and its related class files.
+#
+# ZAP is an HTTP/HTTPS proxy for assessing web application security.
+#
+# Copyright 2025 the ZAP development team
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+"""
+This file was automatically generated.
+"""
+
+import six
+
+
+class oast(object):
+
+    def __init__(self, zap):
+        self.zap = zap
+
+    @property
+    def get_active_scan_service(self):
+        """
+        Gets the service used with the active scanner, if any.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getActiveScanService/')))
+
+    @property
+    def get_services(self):
+        """
+        Gets all of the services.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getServices/')))
+
+    @property
+    def get_boast_options(self):
+        """
+        Gets the BOAST options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getBoastOptions/')))
+
+    @property
+    def get_callback_options(self):
+        """
+        Gets the Callback options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getCallbackOptions/')))
+
+    @property
+    def get_interactsh_options(self):
+        """
+        Gets the Interactsh options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getInteractshOptions/')))
+
+    @property
+    def get_days_to_keep_records(self):
+        """
+        Gets the number of days the OAST records will be kept for.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/view/getDaysToKeepRecords/')))
+
+    def set_active_scan_service(self, name, apikey=''):
+        """
+        Sets the service used with the active scanner.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/action/setActiveScanService/', {'name': name})))
+
+    def set_boast_options(self, server, pollinsecs, apikey=''):
+        """
+        Sets the BOAST options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/action/setBoastOptions/', {'server': server, 'pollInSecs': pollinsecs})))
+
+    def set_callback_options(self, localaddress, remoteaddress, port, apikey=''):
+        """
+        Sets the Callback options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/action/setCallbackOptions/', {'localAddress': localaddress, 'remoteAddress': remoteaddress, 'port': port})))
+
+    def set_interactsh_options(self, server, pollinsecs, authtoken, apikey=''):
+        """
+        Sets the Interactsh options.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/action/setInteractshOptions/', {'server': server, 'pollInSecs': pollinsecs, 'authToken': authtoken})))
+
+    def set_days_to_keep_records(self, days, apikey=''):
+        """
+        Sets the number of days the OAST records will be kept for.
+        This component is optional and therefore the API will only work if it is installed
+        """
+        return six.next(six.itervalues(self.zap._request(self.zap.base + 'oast/action/setDaysToKeepRecords/', {'days': days})))

src/zapv2/params.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.

src/zapv2/pnh.py

@@ -2,7 +2,7 @@
 #
 # ZAP is an HTTP/HTTPS proxy for assessing web application security.
 #
-# Copyright 2022 the ZAP development team
+# Copyright 2025 the ZAP development team
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.