On Demand Scans use Browser Based Analyzer (!138625) · Merge requests · GitLab.org / GitLab

Arpit Gogia requested to merge 430191-browser-based-ods into master Dec 04, 2023

What does this MR do and why?

On Demand Scans will use the browser based analyzer when the feature flag dast_ods_browser_based_scanner is turned on
- Adds the feature flag
- Adds the DAST_BROWSER_SCAN CI variable to the On Demand Scan CI job when the feature flag is on. Also removes DAST_USE_AJAX_SPIDER since it conflicts with the former.

Screenshots or screen recordings

Adds the CI variable

Browserker is used when the feature flag is on

How to set up and validate locally

Setup GDK
Turn on the feature flag from Rails console Feature.enable(:dast_ods_browser_based_scanner)
Try to run a new On Demand Scan (Secure -> On Demand Scans)

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

I have evaluated the MR acceptance checklist for this MR.

Related to #430191 (closed)

On Demand Scans use Browser Based Analyzer

What does this MR do and why?

Screenshots or screen recordings

How to set up and validate locally

MR acceptance checklist

Merge request reports