Remove excluded passive scan rules
What does this MR do?
Enables browser-based active checks when the feature flag DAST_FF_ENABLE_BROWSER_BASED_ATTACKS
is set to true
. Enabling a browser-based check automatically disables the equivalent ZAP active check from the scan.
Currently, the only browser-based active check that would be enabled is check 22.1
. Other active checks that are written and untested are considered "alpha" checks. Setting the feature flag DAST_FF_ENABLE_BROWSER_BASED_ALPHA_ATTACKS
to true
will enable all of the browser-based active checks, alpha and otherwise.
What are the relevant issue numbers?
Run Browserker active checks in DAST (gitlab-org/gitlab#389219 - closed)
Edited by Cameron Swords