Improve messages around Session starting
Problem
When a user is configuring API Fuzzing having clear log messages helps the user understand what is happening. Recently there has been confusion around the start session related messages.
- Message with (1/120) but we don't say what it means (retry logic)
- We don't provide a success message
- If user points to a different endpoint we say "version header wasn't found" as an error message. We should provide a more descriptive message.
Proposal
-
Change starting message to: Starting API Security scanner session (Try 1/120) -
Provide a success message: Successfully started API Security scanner session -
Change error message for API Security version header not found to (work in progress): - Warning, failed to start API Security session. Please verify FUZZAPI_API has not been changed. The FUZZAPI_API endpoint didn't provide a API Security version header.
-
Add a troubleshooting section to the documentation and add this error message with a longer discussion about what caused it and how it can be fixed.
Edited by Herber Madrigal