Add _REQUEST_HEADERS_BASE64 variable to DAST API
Problem
On-demand scans for dynamic analysis of APIs will be switching over to using DAST API instead of DAST. To support this effort, a new variable DAST_API_REQUEST_HEADERS_BASE64 is needed that is compatible with the DAST_REQUEST_HEADERS_BASE64 variable. This variable is commonly used to contain authentication secrets; by Base64-encoding the data, its output in the job console can be masked.
This requirement came up while discussing a bug found in the current on-demand implementation.
Proposal
Add a new variable DAST_API_REQUEST_HEADERS_BASE64 that is a Base64-encoded version of DAST_API_REQUEST_HEADERS.
Requirements:
- Variable contents are Base64 encoded; otherwise it functions the same as DAST_API_REQUEST_HEADERS
- Providing both DAST_API_REQUEST_HEADERS and DAST_API_REQUEST_HEADERS_BASE64 results in an error message
- Do not display the Base64-decoded string in the console output
- Document this new variable and its usage
Edited by Herber Madrigal
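A sketch of the first three requirements, added here as an example and not taken from the DAST API code base. The function and class names, the comma-separated `Name: value` header format, and the sample token are assumptions made for illustration.

```python
import base64

PLAIN = "DAST_API_REQUEST_HEADERS"
ENCODED = "DAST_API_REQUEST_HEADERS_BASE64"


class HeaderConfigError(ValueError):
    """Configuration error; the message never contains header values."""


def resolve_request_headers(env):
    """Return the raw header string from whichever variable is set, or None."""
    plain, encoded = env.get(PLAIN), env.get(ENCODED)
    if plain and encoded:
        raise HeaderConfigError(f"Set only one of {PLAIN} and {ENCODED}, not both")
    if not encoded:
        return plain or None
    try:
        # validate=True rejects characters outside the Base64 alphabet
        return base64.b64decode(encoded.strip(), validate=True).decode("utf-8")
    except ValueError:
        # Report only the variable name, never the offending data
        raise HeaderConfigError(f"{ENCODED} is not valid Base64-encoded UTF-8") from None


def parse_headers(raw):
    """Assumed format: comma-separated 'Name: value' pairs."""
    headers = {}
    for item in filter(None, (p.strip() for p in (raw or "").split(","))):
        name, sep, value = item.partition(":")
        if not sep or not name.strip():
            raise HeaderConfigError("Malformed header entry (expected 'Name: value')")
        headers[name.strip()] = value.strip()
    return headers


def describe_for_log(headers):
    """Console-safe summary: header names only, values masked."""
    return ", ".join(f"{name}: [MASKED]" for name in headers) or "(none)"


# Constructed sample input; the token is a placeholder, not a real credential
SAMPLE_ENV = {
    ENCODED: base64.b64encode(
        b"Authorization: Bearer example-token, X-Scan: on-demand").decode()
}

if __name__ == "__main__":
    print(describe_for_log(parse_headers(resolve_request_headers(SAMPLE_ENV))))
```

Base64 is an encoding, not encryption: anyone who can read the variable can decode it, so the value still needs to be stored as a masked CI/CD variable.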