Detailed Security Log Results for RESTFUL API
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Detailed Security Log Results for RESTFUL API
When I run a Security Scan, such as Cross Site Scripting, I'm not finding a detailed log for each test. I find a summary for each test indicating that a pass or fail was the result, but no details about each test.
I tried generating different types of logs, but none of them meet the criteria that I am seeking.
So, let's say that one of my security scans looks like this -->
- ';alert(String.fromCharCode(88,83,83))//\';alert(String.fromCharCode(88,83,83))//";alert(String.fromCharCode(88,83,83))//\";alert(String.fromCharCode(88,83,83))//-->">'>
- I'm not seeing that scan and the results in a log.
- How do I generate detailed log results/
- Labels:
-
Security Tests
-
Test Results
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good Morning Mike,
There are a few options for viewing Security Scan Logs. We would love to hear more about your criteria. The option outlined below will allow you to export the logs out to a file. I have stored mine as a simple txt file.
In particular, the scan that you have performed is applying values within the URL of the request as seen below.
GET https://petstore.swagger.io:443/v2/pet/findByTags?tags=%27%3Balert%28String.fromCharCode%2888%2C83%2... HTTP/1.1
SmartBear Article: https://support.smartbear.com/readyapi/docs/security/scans/types/xss.html
