Comments (2)
thc202
commented on July 20, 2024
1
The problem is that once the session URLs are excluded they will no longer be downgraded.
from zap-hud.
psiinon
commented on July 20, 2024
As per https://groups.google.com/g/zaproxy-users/c/QZrQU-KGkWk/m/lThons3LAwAJ (and the later comment) the HUD has to upgrade a site to HTTPS otherwise it cant work. And if the site doesnt handle HTTPS then ZAP handles that on its behalf.
It sounds like ZAP is not upgrading the http AJAX calls. Do you see redirects in the responses?
Is WebGoat not following the redirects?
If you can explain how it works then we can look at fixing it.
Although right now we dont actually have anyone focussing on HUD development :(
from zap-hud.
Related Issues (20)
- 504 Gateway Timeout only when using the HUD HOT 1
- Support building with Java 17 HOT 7
- HUD does not allow me to set scope. HOT 1
- HUD not updating percentage for Spider, Ajax Spider and Attack HOT 1
- "Remove CSP from target pages" doesn't appear to remove the Content-Security-Policy header
- Running `ava` fails with `SyntaxError: Cannot use import statement outside a module`
- Update to use latest Vue.js HOT 12
- HUD not working with FireFox recently HOT 13
- HUD not working (arm64 linux) HOT 8
- Build failure with aarch64 HOT 1
- Proxy converts HTTP POST to GET when the HUD is enabled HOT 1
- HUD no longer loads reliably HOT 9
- HUD History time display (one digit) HOT 4
- HUD Tutorial is non-functional HOT 3
- ZAP HUD broken after emptying browser cache HOT 1
- Accessibility of the ZAP HUD
- HUD base directory lost on reboot ZAP v2.10.0 on Kali 2021.1 HOT 12
- Broke the HUD tutorial by navigating back and fourth with the green buttons. HOT 3
- Remove "X-Frame-Options: DENY" header
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from zap-hud.