Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authhelper: record/report local/session storage #6253

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

authhelper: record/report local/session storage #6253

wants to merge 1 commit into from

Conversation

thc202
Copy link
Member

@thc202 thc202 commented Mar 6, 2025

Record and report the state of the local/session storage for the authentication diagnostics.

kingthorin
kingthorin reviewed Mar 6, 2025
View reviewed changes
addOns/authhelper/src/main/java/org/zaproxy/addon/authhelper/AuthenticationDiagnostics.java Outdated
Comment on lines 207 to 224
"""
const data = [];
for (let i = 0; i < window.localStorage.length; i++) {
data.push({"key": window.localStorage.key(i), "value": window.localStorage.getItem(window.localStorage.key(i))});
}
return data;
""",
DiagnosticBrowserStorageItem.Type.LOCAL);

processStorage(
je,
"""
const data = [];
for (let i = 0; i < sessionStorage.length; i++) {
data.push({"key": sessionStorage.key(i), "value": sessionStorage.getItem(sessionStorage.key(i))});
}
return data;
""",
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Use a single or constant string and a variable for the storage type/location and insert it via format?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not 100% sure this is what you meant but it addresses the duplication.

@psiinon
Copy link
Member

psiinon commented Mar 6, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Details4b374ebe-25cd-4786-9782-5dcd7378235a

Great job, no security vulnerabilities found in this Pull Request

@thc202 thc202 force-pushed the authhelper/diags-storage branch from 9adf5a5 to ce6d902 Compare March 6, 2025 20:03
@thc202
authhelper: record/report local/session storage
def771d 
Record and report the state of the local/session storage for the
authentication diagnostics.

Signed-off-by: thc202 <[email protected]>
@thc202 thc202 force-pushed the authhelper/diags-storage branch from ce6d902 to def771d Compare March 6, 2025 20:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kingthorin kingthorin kingthorin left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@thc202 @psiinon @kingthorin