DAST Scanner profile implementation - add remaining options [parent issue]
Problem to solve
As a user, I want to be able to create a "Scanner profile" to use in my on-demand DAST scans, so that I can create multiple ways of scanning my sites within a single project.
Intended users
User experience goal
The user should be able to create a Scanner profile from either the Profile Library or the On-demand scan initiation page and specify whether the scan should be active or passive, enable the AJAX spider, and whether to turn on Debug messages, in addition to the fields added in the last iteration.
Proposal
Review the design: #217016 (closed)
Three new fields should be added to the Scanner Profile form:
- Active/passive scan selection
- Ajax Spider
- Debug
This profile should then be selectable in the On-demand scan page for the project. The ability to create a profile should be linked from both the Profile Library page and the On-demand scan page, so that the user doesn't have to use the left navigation to create a profile if they are already at either page.
Further details
Maintainer, owner, and developer roles should have access to create new Scanner profiles.
Documentation
The DAST config docs should be updated to include the new active/passive scan mode selection, the AJAX spider option, and the Debug messages option.
Issue breakdown
Task # | Description | Issue | Department(s) |
---|---|---|---|
1 | Add new options in DAST Scanner Profile form | #254200 (closed) | frontend backend |
2 | Add new options in Profile Selector | #254205 (closed) | frontend |
3 | Document new options in scanner profiles | #254207 (closed) | documentation |