DAST Site validation - Improve validation path handling
Problem to solve
When creating a DAST Site profile, users are asked to provide a Target URL which can then be validated by switching the Validate target site toggle on. In the validation section that shows up, one of the options available involves uploading a validation file to the target site, and providing the file's URL via a text input with the Target URL prepended.
The current iteration doesn't actually uses the validation file's location at all. Let's make sure users are able to provide a path to their validation file based on this discussion.
-
The prefix should not be the full Target URL, it should only consist of the protocol and the resource name (e.g. if the Target URL is https://gitlab.com/some/path/
, the prefix should behttps://gitlab.com/
) -
The validation file path input should default to the generated validation file's name. -
If the Target URL contains a file path, it should be prepended to the validation file's name in the input (e.g. if the Target URL is https://gitlab.com/some/path/
, and the generated file name isvalidation_token.txt
, the input defaults tosome/path/validation_token.txt
. -
Finally, the prefix should always end with a slash (e.g. if the Target URL is https://gitlab.com
, the prefix should behttps://gitlab.com/
.
Edited by Paul Gascou-Vaillancourt