1<html><body>
2<style>
3
4body, h1, h2, h3, div, span, p, pre, a {
5  margin: 0;
6  padding: 0;
7  border: 0;
8  font-weight: inherit;
9  font-style: inherit;
10  font-size: 100%;
11  font-family: inherit;
12  vertical-align: baseline;
13}
14
15body {
16  font-size: 13px;
17  padding: 1em;
18}
19
20h1 {
21  font-size: 26px;
22  margin-bottom: 1em;
23}
24
25h2 {
26  font-size: 24px;
27  margin-bottom: 1em;
28}
29
30h3 {
31  font-size: 20px;
32  margin-bottom: 1em;
33  margin-top: 1em;
34}
35
36pre, code {
37  line-height: 1.5;
38  font-family: Monaco, 'DejaVu Sans Mono', 'Bitstream Vera Sans Mono', 'Lucida Console', monospace;
39}
40
41pre {
42  margin-top: 0.5em;
43}
44
45h1, h2, h3, p {
46  font-family: Arial, sans serif;
47}
48
49h1, h2, h3 {
50  border-bottom: solid #CCC 1px;
51}
52
53.toc_element {
54  margin-top: 0.5em;
55}
56
57.firstline {
58  margin-left: 2 em;
59}
60
61.method  {
62  margin-top: 1em;
63  border: solid 1px #CCC;
64  padding: 1em;
65  background: #EEE;
66}
67
68.details {
69  font-weight: bold;
70  font-size: 14px;
71}
72
73</style>
74
75<h1><a href="websecurityscanner_v1beta.html">Web Security Scanner API</a> . <a href="websecurityscanner_v1beta.projects.html">projects</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.html">scanConfigs</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.html">scanRuns</a> . <a href="websecurityscanner_v1beta.projects.scanConfigs.scanRuns.findings.html">findings</a></h1>
76<h2>Instance Methods</h2>
77<p class="toc_element">
78  <code><a href="#get">get(name, x__xgafv=None)</a></code></p>
79<p class="firstline">Gets a Finding.</p>
80<p class="toc_element">
81  <code><a href="#list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</a></code></p>
82<p class="firstline">List Findings under a given ScanRun.</p>
83<p class="toc_element">
84  <code><a href="#list_next">list_next(previous_request, previous_response)</a></code></p>
85<p class="firstline">Retrieves the next page of results.</p>
86<h3>Method Details</h3>
87<div class="method">
88    <code class="details" id="get">get(name, x__xgafv=None)</code>
89  <pre>Gets a Finding.
90
91Args:
92  name: string, Required.
93The resource name of the Finding to be returned. The name follows the
94format of
95'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required)
96  x__xgafv: string, V1 error format.
97    Allowed values
98      1 - v1 error format
99      2 - v2 error format
100
101Returns:
102  An object of the form:
103
104    { # A Finding resource represents a vulnerability instance identified during a
105      # ScanRun.
106    "body": "A String", # Output only.
107        # The body of the request that triggered the vulnerability.
108    "xss": { # Information reported for an XSS. # Output only.
109        # An addon containing information reported for an XSS, if any.
110      "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
111        "A String",
112      ],
113      "errorMessage": "A String", # An error message generated by a javascript breakage.
114    },
115    "outdatedLibrary": { # Information reported for an outdated library. # Output only.
116        # An addon containing information about outdated libraries.
117      "libraryName": "A String", # The name of the outdated library.
118      "version": "A String", # The version number.
119      "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
120        "A String",
121      ],
122    },
123    "frameUrl": "A String", # Output only.
124        # If the vulnerability was originated from nested IFrame, the immediate
125        # parent IFrame is reported.
126    "form": { # ! Information about a vulnerability with an HTML. # Output only.
127        # An addon containing information reported for a vulnerability with an HTML
128        # form, if any.
129      "fields": [ # ! The names of form fields related to the vulnerability.
130        "A String",
131      ],
132      "actionUri": "A String", # ! The URI where to send the form when it's submitted.
133    },
134    "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only.
135        # An addon containing detailed information regarding any resource causing the
136        # vulnerability such as JavaScript sources, image, audio files, etc.
137        # as JavaScript sources, image, audio files, etc.
138      "contentType": "A String", # The MIME type of this resource.
139      "resourceUrl": "A String", # URL of this violating resource.
140    },
141    "finalUrl": "A String", # Output only.
142        # The URL where the browser lands when the vulnerability is detected.
143    "findingType": "A String", # Output only.
144        # The type of the Finding.
145        # Detailed and up-to-date information on findings can be found here:
146        # https://cloud.google.com/security-scanner/docs/scan-result-details
147    "fuzzedUrl": "A String", # Output only.
148        # The URL produced by the server-side fuzzer and used in the request that
149        # triggered the vulnerability.
150    "name": "A String", # Output only.
151        # The resource name of the Finding. The name follows the format of
152        # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
153        # The finding IDs are generated by the system.
154    "httpMethod": "A String", # Output only.
155        # The http method of the request that triggered the vulnerability, in
156        # uppercase.
157    "vulnerableParameters": { # Information about vulnerable request parameters. # Output only.
158        # An addon containing information about request parameters which were found
159        # to be vulnerable.
160      "parameterNames": [ # The vulnerable parameter names.
161        "A String",
162      ],
163    },
164    "trackingId": "A String", # Output only.
165        # The tracking ID uniquely identifies a vulnerability instance across
166        # multiple ScanRuns.
167    "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only.
168        # An addon containing information about vulnerable or missing HTTP headers.
169      "missingHeaders": [ # List of missing headers.
170        { # Describes a HTTP Header.
171          "name": "A String", # Header name.
172          "value": "A String", # Header value.
173        },
174      ],
175      "headers": [ # List of vulnerable headers.
176        { # Describes a HTTP Header.
177          "name": "A String", # Header name.
178          "value": "A String", # Header value.
179        },
180      ],
181    },
182    "reproductionUrl": "A String", # Output only.
183        # The URL containing human-readable payload that user can leverage to
184        # reproduce the vulnerability.
185    "description": "A String", # Output only.
186        # The description of the vulnerability.
187  }</pre>
188</div>
189
190<div class="method">
191    <code class="details" id="list">list(parent, pageToken=None, x__xgafv=None, pageSize=None, filter=None)</code>
192  <pre>List Findings under a given ScanRun.
193
194Args:
195  parent: string, Required.
196The parent resource name, which should be a scan run resource name in the
197format
198'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required)
199  pageToken: string, A token identifying a page of results to be returned. This should be a
200`next_page_token` value returned from a previous List request.
201If unspecified, the first page of results is returned.
202  x__xgafv: string, V1 error format.
203    Allowed values
204      1 - v1 error format
205      2 - v2 error format
206  pageSize: integer, The maximum number of Findings to return, can be limited by server.
207If not specified or not positive, the implementation will select a
208reasonable value.
209  filter: string, The filter expression. The expression must be in the format: <field>
210<operator> <value>.
211Supported field: 'finding_type'.
212Supported operator: '='.
213
214Returns:
215  An object of the form:
216
217    { # Response for the `ListFindings` method.
218    "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no
219        # more results in the list.
220    "findings": [ # The list of Findings returned.
221      { # A Finding resource represents a vulnerability instance identified during a
222          # ScanRun.
223        "body": "A String", # Output only.
224            # The body of the request that triggered the vulnerability.
225        "xss": { # Information reported for an XSS. # Output only.
226            # An addon containing information reported for an XSS, if any.
227          "stackTraces": [ # Stack traces leading to the point where the XSS occurred.
228            "A String",
229          ],
230          "errorMessage": "A String", # An error message generated by a javascript breakage.
231        },
232        "outdatedLibrary": { # Information reported for an outdated library. # Output only.
233            # An addon containing information about outdated libraries.
234          "libraryName": "A String", # The name of the outdated library.
235          "version": "A String", # The version number.
236          "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library.
237            "A String",
238          ],
239        },
240        "frameUrl": "A String", # Output only.
241            # If the vulnerability was originated from nested IFrame, the immediate
242            # parent IFrame is reported.
243        "form": { # ! Information about a vulnerability with an HTML. # Output only.
244            # An addon containing information reported for a vulnerability with an HTML
245            # form, if any.
246          "fields": [ # ! The names of form fields related to the vulnerability.
247            "A String",
248          ],
249          "actionUri": "A String", # ! The URI where to send the form when it's submitted.
250        },
251        "violatingResource": { # Information regarding any resource causing the vulnerability such # Output only.
252            # An addon containing detailed information regarding any resource causing the
253            # vulnerability such as JavaScript sources, image, audio files, etc.
254            # as JavaScript sources, image, audio files, etc.
255          "contentType": "A String", # The MIME type of this resource.
256          "resourceUrl": "A String", # URL of this violating resource.
257        },
258        "finalUrl": "A String", # Output only.
259            # The URL where the browser lands when the vulnerability is detected.
260        "findingType": "A String", # Output only.
261            # The type of the Finding.
262            # Detailed and up-to-date information on findings can be found here:
263            # https://cloud.google.com/security-scanner/docs/scan-result-details
264        "fuzzedUrl": "A String", # Output only.
265            # The URL produced by the server-side fuzzer and used in the request that
266            # triggered the vulnerability.
267        "name": "A String", # Output only.
268            # The resource name of the Finding. The name follows the format of
269            # 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
270            # The finding IDs are generated by the system.
271        "httpMethod": "A String", # Output only.
272            # The http method of the request that triggered the vulnerability, in
273            # uppercase.
274        "vulnerableParameters": { # Information about vulnerable request parameters. # Output only.
275            # An addon containing information about request parameters which were found
276            # to be vulnerable.
277          "parameterNames": [ # The vulnerable parameter names.
278            "A String",
279          ],
280        },
281        "trackingId": "A String", # Output only.
282            # The tracking ID uniquely identifies a vulnerability instance across
283            # multiple ScanRuns.
284        "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # Output only.
285            # An addon containing information about vulnerable or missing HTTP headers.
286          "missingHeaders": [ # List of missing headers.
287            { # Describes a HTTP Header.
288              "name": "A String", # Header name.
289              "value": "A String", # Header value.
290            },
291          ],
292          "headers": [ # List of vulnerable headers.
293            { # Describes a HTTP Header.
294              "name": "A String", # Header name.
295              "value": "A String", # Header value.
296            },
297          ],
298        },
299        "reproductionUrl": "A String", # Output only.
300            # The URL containing human-readable payload that user can leverage to
301            # reproduce the vulnerability.
302        "description": "A String", # Output only.
303            # The description of the vulnerability.
304      },
305    ],
306  }</pre>
307</div>
308
309<div class="method">
310    <code class="details" id="list_next">list_next(previous_request, previous_response)</code>
311  <pre>Retrieves the next page of results.
312
313Args:
314  previous_request: The request for the previous page. (required)
315  previous_response: The response from the request for the previous page. (required)
316
317Returns:
318  A request object that you can call 'execute()' on to request the next
319  page. Returns None if there are no more items in the collection.
320    </pre>
321</div>
322
323</body></html>