websecurityscanner

package
v0.0.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 7, 2023 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package websecurityscanner provides access to the Web Security Scanner API.

For product documentation, see: https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/websecurityscanner/v1alpha"
...
ctx := context.Background()
websecurityscannerService, err := websecurityscanner.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the
	// email address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authentication

type Authentication struct {
	// CustomAccount: Authentication using a custom account.
	CustomAccount *CustomAccount `json:"customAccount,omitempty"`

	// GoogleAccount: Authentication using a Google account.
	GoogleAccount *GoogleAccount `json:"googleAccount,omitempty"`

	// ForceSendFields is a list of field names (e.g. "CustomAccount") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CustomAccount") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Authentication: Scan authentication configuration.

func (*Authentication) MarshalJSON

func (s *Authentication) MarshalJSON() ([]byte, error)

type CrawledUrl

type CrawledUrl struct {
	// Body: Output only. The body of the request that was used to visit the
	// URL.
	Body string `json:"body,omitempty"`

	// HttpMethod: Output only. The http method of the request that was used
	// to visit the URL, in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`

	// Url: Output only. The URL that was crawled.
	Url string `json:"url,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Body") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Body") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

CrawledUrl: A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web Security Scanner Service crawls the web applications, following all links within the scope of sites, to find the URLs to test against.

func (*CrawledUrl) MarshalJSON

func (s *CrawledUrl) MarshalJSON() ([]byte, error)

type CustomAccount

type CustomAccount struct {
	// LoginUrl: Required. The login form URL of the website.
	LoginUrl string `json:"loginUrl,omitempty"`

	// Password: Required. Input only. The password of the custom account.
	// The credential is stored encrypted and not returned in any response
	// nor included in audit logs.
	Password string `json:"password,omitempty"`

	// Username: Required. The user name of the custom account.
	Username string `json:"username,omitempty"`

	// ForceSendFields is a list of field names (e.g. "LoginUrl") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "LoginUrl") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

CustomAccount: Describes authentication configuration that uses a custom account.

func (*CustomAccount) MarshalJSON

func (s *CustomAccount) MarshalJSON() ([]byte, error)

type Empty

type Empty struct {
	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`
}

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type Finding

type Finding struct {
	// Body: The body of the request that triggered the vulnerability.
	Body string `json:"body,omitempty"`

	// Description: The description of the vulnerability.
	Description string `json:"description,omitempty"`

	// FinalUrl: The URL where the browser lands when the vulnerability is
	// detected.
	FinalUrl string `json:"finalUrl,omitempty"`

	// FindingType: The type of the Finding.
	//
	// Possible values:
	//   "FINDING_TYPE_UNSPECIFIED" - The invalid finding type.
	//   "MIXED_CONTENT" - A page that was served over HTTPS also resources
	// over HTTP. A man-in-the-middle attacker could tamper with the HTTP
	// resource and gain full access to the website that loads the resource
	// or to monitor the actions taken by the user.
	//   "OUTDATED_LIBRARY" - The version of an included library is known to
	// contain a security issue. The scanner checks the version of library
	// in use against a known list of vulnerable libraries. False positives
	// are possible if the version detection fails or if the library has
	// been manually patched.
	//   "ROSETTA_FLASH" - This type of vulnerability occurs when the value
	// of a request parameter is reflected at the beginning of the response,
	// for example, in requests using JSONP. Under certain circumstances, an
	// attacker may be able to supply an alphanumeric-only Flash file in the
	// vulnerable parameter causing the browser to execute the Flash file as
	// if it originated on the vulnerable server.
	//   "XSS_CALLBACK" - A cross-site scripting (XSS) bug is found via
	// JavaScript callback. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "XSS_ERROR" - A potential cross-site scripting (XSS) bug due to
	// JavaScript breakage. In some circumstances, the application under
	// test might modify the test string before it is parsed by the browser.
	// When the browser attempts to runs this modified test string, it will
	// likely break and throw a JavaScript execution error, thus an
	// injection issue is occurring. However, it may not be exploitable.
	// Manual verification is needed to see if the test string modifications
	// can be evaded and confirm that the issue is in fact an XSS
	// vulnerability. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "CLEAR_TEXT_PASSWORD" - An application appears to be transmitting a
	// password field in clear text. An attacker can eavesdrop network
	// traffic and sniff the password field.
	//   "INVALID_CONTENT_TYPE" - An application returns sensitive content
	// with an invalid content type, or without an 'X-Content-Type-Options:
	// nosniff' header.
	//   "XSS_ANGULAR_CALLBACK" - A cross-site scripting (XSS) vulnerability
	// in AngularJS module that occurs when a user-provided string is
	// interpolated by Angular.
	//   "INVALID_HEADER" - A malformed or invalid valued header.
	//   "MISSPELLED_SECURITY_HEADER_NAME" - Misspelled security header
	// name.
	//   "MISMATCHING_SECURITY_HEADER_VALUES" - Mismatching values in a
	// duplicate security header.
	//   "ACCESSIBLE_GIT_REPOSITORY" - A world-readable git repository that
	// potentially leaks source code, commit history or sensitive
	// information such as credentials.
	//   "ACCESSIBLE_SVN_REPOSITORY" - A world-readable subversion
	// repository that potentially leaks source code, commit history or
	// sensitive information such as credentials.
	//   "ACCESSIBLE_ENV_FILE" - A world-readable env file that potentially
	// leaks source code, commit history or sensitive information such as
	// credentials.
	FindingType string `json:"findingType,omitempty"`

	// FrameUrl: If the vulnerability was originated from nested IFrame, the
	// immediate parent IFrame is reported.
	FrameUrl string `json:"frameUrl,omitempty"`

	// FuzzedUrl: The URL produced by the server-side fuzzer and used in the
	// request that triggered the vulnerability.
	FuzzedUrl string `json:"fuzzedUrl,omitempty"`

	// HttpMethod: The http method of the request that triggered the
	// vulnerability, in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`

	// Name: The resource name of the Finding. The name follows the format
	// of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/
	// findings/{findingId}'. The finding IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// OutdatedLibrary: An addon containing information about outdated
	// libraries.
	OutdatedLibrary *OutdatedLibrary `json:"outdatedLibrary,omitempty"`

	// ReproductionUrl: The URL containing human-readable payload that user
	// can leverage to reproduce the vulnerability.
	ReproductionUrl string `json:"reproductionUrl,omitempty"`

	// TrackingId: The tracking ID uniquely identifies a vulnerability
	// instance across multiple ScanRuns.
	TrackingId string `json:"trackingId,omitempty"`

	// ViolatingResource: An addon containing detailed information regarding
	// any resource causing the vulnerability such as JavaScript sources,
	// image, audio files, etc.
	ViolatingResource *ViolatingResource `json:"violatingResource,omitempty"`

	// VulnerableHeaders: An addon containing information about vulnerable
	// or missing HTTP headers.
	VulnerableHeaders *VulnerableHeaders `json:"vulnerableHeaders,omitempty"`

	// VulnerableParameters: An addon containing information about request
	// parameters which were found to be vulnerable.
	VulnerableParameters *VulnerableParameters `json:"vulnerableParameters,omitempty"`

	// Xss: An addon containing information reported for an XSS, if any.
	Xss *Xss `json:"xss,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Body") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Body") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Finding: A Finding resource represents a vulnerability instance identified during a ScanRun.

func (*Finding) MarshalJSON

func (s *Finding) MarshalJSON() ([]byte, error)

type FindingTypeStats

type FindingTypeStats struct {
	// FindingCount: The count of findings belonging to this finding type.
	FindingCount int64 `json:"findingCount,omitempty"`

	// FindingType: The finding type associated with the stats.
	//
	// Possible values:
	//   "FINDING_TYPE_UNSPECIFIED" - The invalid finding type.
	//   "MIXED_CONTENT" - A page that was served over HTTPS also resources
	// over HTTP. A man-in-the-middle attacker could tamper with the HTTP
	// resource and gain full access to the website that loads the resource
	// or to monitor the actions taken by the user.
	//   "OUTDATED_LIBRARY" - The version of an included library is known to
	// contain a security issue. The scanner checks the version of library
	// in use against a known list of vulnerable libraries. False positives
	// are possible if the version detection fails or if the library has
	// been manually patched.
	//   "ROSETTA_FLASH" - This type of vulnerability occurs when the value
	// of a request parameter is reflected at the beginning of the response,
	// for example, in requests using JSONP. Under certain circumstances, an
	// attacker may be able to supply an alphanumeric-only Flash file in the
	// vulnerable parameter causing the browser to execute the Flash file as
	// if it originated on the vulnerable server.
	//   "XSS_CALLBACK" - A cross-site scripting (XSS) bug is found via
	// JavaScript callback. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "XSS_ERROR" - A potential cross-site scripting (XSS) bug due to
	// JavaScript breakage. In some circumstances, the application under
	// test might modify the test string before it is parsed by the browser.
	// When the browser attempts to runs this modified test string, it will
	// likely break and throw a JavaScript execution error, thus an
	// injection issue is occurring. However, it may not be exploitable.
	// Manual verification is needed to see if the test string modifications
	// can be evaded and confirm that the issue is in fact an XSS
	// vulnerability. For detailed explanations on XSS, see
	// https://www.google.com/about/appsecurity/learning/xss/.
	//   "CLEAR_TEXT_PASSWORD" - An application appears to be transmitting a
	// password field in clear text. An attacker can eavesdrop network
	// traffic and sniff the password field.
	//   "INVALID_CONTENT_TYPE" - An application returns sensitive content
	// with an invalid content type, or without an 'X-Content-Type-Options:
	// nosniff' header.
	//   "XSS_ANGULAR_CALLBACK" - A cross-site scripting (XSS) vulnerability
	// in AngularJS module that occurs when a user-provided string is
	// interpolated by Angular.
	//   "INVALID_HEADER" - A malformed or invalid valued header.
	//   "MISSPELLED_SECURITY_HEADER_NAME" - Misspelled security header
	// name.
	//   "MISMATCHING_SECURITY_HEADER_VALUES" - Mismatching values in a
	// duplicate security header.
	//   "ACCESSIBLE_GIT_REPOSITORY" - A world-readable git repository that
	// potentially leaks source code, commit history or sensitive
	// information such as credentials.
	//   "ACCESSIBLE_SVN_REPOSITORY" - A world-readable subversion
	// repository that potentially leaks source code, commit history or
	// sensitive information such as credentials.
	//   "ACCESSIBLE_ENV_FILE" - A world-readable env file that potentially
	// leaks source code, commit history or sensitive information such as
	// credentials.
	FindingType string `json:"findingType,omitempty"`

	// ForceSendFields is a list of field names (e.g. "FindingCount") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "FindingCount") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

FindingTypeStats: A FindingTypeStats resource represents stats regarding a specific FindingType of Findings under a given ScanRun.

func (*FindingTypeStats) MarshalJSON

func (s *FindingTypeStats) MarshalJSON() ([]byte, error)

type GoogleAccount

type GoogleAccount struct {
	// Password: Required. Input only. The password of the Google account.
	// The credential is stored encrypted and not returned in any response
	// nor included in audit logs.
	Password string `json:"password,omitempty"`

	// Username: Required. The user name of the Google account.
	Username string `json:"username,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Password") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Password") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

GoogleAccount: Describes authentication configuration that uses a Google account.

func (*GoogleAccount) MarshalJSON

func (s *GoogleAccount) MarshalJSON() ([]byte, error)
type Header struct {
	// Name: Header name.
	Name string `json:"name,omitempty"`

	// Value: Header value.
	Value string `json:"value,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Name") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Name") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Header: Describes a HTTP Header.

func (*Header) MarshalJSON

func (s *Header) MarshalJSON() ([]byte, error)

type ListCrawledUrlsResponse

type ListCrawledUrlsResponse struct {
	// CrawledUrls: The list of CrawledUrls returned.
	CrawledUrls []*CrawledUrl `json:"crawledUrls,omitempty"`

	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CrawledUrls") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CrawledUrls") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListCrawledUrlsResponse: Response for the `ListCrawledUrls` method.

func (*ListCrawledUrlsResponse) MarshalJSON

func (s *ListCrawledUrlsResponse) MarshalJSON() ([]byte, error)

type ListFindingTypeStatsResponse

type ListFindingTypeStatsResponse struct {
	// FindingTypeStats: The list of FindingTypeStats returned.
	FindingTypeStats []*FindingTypeStats `json:"findingTypeStats,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "FindingTypeStats") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "FindingTypeStats") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ListFindingTypeStatsResponse: Response for the `ListFindingTypeStats` method.

func (*ListFindingTypeStatsResponse) MarshalJSON

func (s *ListFindingTypeStatsResponse) MarshalJSON() ([]byte, error)

type ListFindingsResponse

type ListFindingsResponse struct {
	// Findings: The list of Findings returned.
	Findings []*Finding `json:"findings,omitempty"`

	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Findings") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Findings") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListFindingsResponse: Response for the `ListFindings` method.

func (*ListFindingsResponse) MarshalJSON

func (s *ListFindingsResponse) MarshalJSON() ([]byte, error)

type ListScanConfigsResponse

type ListScanConfigsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ScanConfigs: The list of ScanConfigs returned.
	ScanConfigs []*ScanConfig `json:"scanConfigs,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListScanConfigsResponse: Response for the `ListScanConfigs` method.

func (*ListScanConfigsResponse) MarshalJSON

func (s *ListScanConfigsResponse) MarshalJSON() ([]byte, error)

type ListScanRunsResponse

type ListScanRunsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ScanRuns: The list of ScanRuns returned.
	ScanRuns []*ScanRun `json:"scanRuns,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListScanRunsResponse: Response for the `ListScanRuns` method.

func (*ListScanRunsResponse) MarshalJSON

func (s *ListScanRunsResponse) MarshalJSON() ([]byte, error)

type OutdatedLibrary

type OutdatedLibrary struct {
	// LearnMoreUrls: URLs to learn more information about the
	// vulnerabilities in the library.
	LearnMoreUrls []string `json:"learnMoreUrls,omitempty"`

	// LibraryName: The name of the outdated library.
	LibraryName string `json:"libraryName,omitempty"`

	// Version: The version number.
	Version string `json:"version,omitempty"`

	// ForceSendFields is a list of field names (e.g. "LearnMoreUrls") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "LearnMoreUrls") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

OutdatedLibrary: Information reported for an outdated library.

func (*OutdatedLibrary) MarshalJSON

func (s *OutdatedLibrary) MarshalJSON() ([]byte, error)

type ProjectsScanConfigsCreateCall

type ProjectsScanConfigsCreateCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsCreateCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.create" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsDeleteCall

type ProjectsScanConfigsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsDeleteCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.delete" call. Exactly one of *Empty or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Empty.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsGetCall

type ProjectsScanConfigsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.get" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsListCall

type ProjectsScanConfigsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.list" call. Exactly one of *ListScanConfigsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListScanConfigsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanConfigs to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsPatchCall

type ProjectsScanConfigsPatchCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsPatchCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.patch" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask

type ProjectsScanConfigsScanRunsCrawledUrlsListCall

type ProjectsScanConfigsScanRunsCrawledUrlsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.crawledUrls.list" call. Exactly one of *ListCrawledUrlsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListCrawledUrlsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of CrawledUrls to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsCrawledUrlsService

type ProjectsScanConfigsScanRunsCrawledUrlsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsCrawledUrlsService

func NewProjectsScanConfigsScanRunsCrawledUrlsService(s *Service) *ProjectsScanConfigsScanRunsCrawledUrlsService

func (*ProjectsScanConfigsScanRunsCrawledUrlsService) List

List: List CrawledUrls under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findingTypeStats.list" call. Exactly one of *ListFindingTypeStatsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListFindingTypeStatsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsFindingTypeStatsService

type ProjectsScanConfigsScanRunsFindingTypeStatsService struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsService) List

List: List all FindingTypeStats under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsFindingsGetCall

type ProjectsScanConfigsScanRunsFindingsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.get" call. Exactly one of *Finding or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Finding.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsFindingsListCall

type ProjectsScanConfigsScanRunsFindingsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.list" call. Exactly one of *ListFindingsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListFindingsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Filter

Filter sets the optional parameter "filter": Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsFindingsService

type ProjectsScanConfigsScanRunsFindingsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsFindingsService

func NewProjectsScanConfigsScanRunsFindingsService(s *Service) *ProjectsScanConfigsScanRunsFindingsService

func (*ProjectsScanConfigsScanRunsFindingsService) Get

Get: Gets a Finding.

  • name: The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }/findings/{findingId}'.

func (*ProjectsScanConfigsScanRunsFindingsService) List

List: List Findings under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsGetCall

type ProjectsScanConfigsScanRunsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.get" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsListCall

type ProjectsScanConfigsScanRunsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.list" call. Exactly one of *ListScanRunsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListScanRunsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanRuns to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsService

type ProjectsScanConfigsScanRunsService struct {
	CrawledUrls *ProjectsScanConfigsScanRunsCrawledUrlsService

	FindingTypeStats *ProjectsScanConfigsScanRunsFindingTypeStatsService

	Findings *ProjectsScanConfigsScanRunsFindingsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsService

func NewProjectsScanConfigsScanRunsService(s *Service) *ProjectsScanConfigsScanRunsService

func (*ProjectsScanConfigsScanRunsService) Get

Get: Gets a ScanRun.

  • name: The resource name of the ScanRun to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

func (*ProjectsScanConfigsScanRunsService) List

List: Lists ScanRuns under a given ScanConfig, in descending order of ScanRun stop time.

  • parent: The parent resource name, which should be a scan resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsScanRunsService) Stop

Stop: Stops a ScanRun. The stopped ScanRun is returned.

  • name: The resource name of the ScanRun to be stopped. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsStopCall

type ProjectsScanConfigsScanRunsStopCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsStopCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsStopCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.stop" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsStopCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsStopCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsService

type ProjectsScanConfigsService struct {
	ScanRuns *ProjectsScanConfigsScanRunsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsService

func NewProjectsScanConfigsService(s *Service) *ProjectsScanConfigsService

func (*ProjectsScanConfigsService) Create

Create: Creates a new ScanConfig.

  • parent: The parent resource name where the scan is created, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Delete

Delete: Deletes an existing ScanConfig and its child resources.

  • name: The resource name of the ScanConfig to be deleted. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) Get

Get: Gets a ScanConfig.

  • name: The resource name of the ScanConfig to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) List

List: Lists ScanConfigs under a given project.

  • parent: The parent resource name, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Patch

Patch: Updates a ScanConfig. This method support partial update of a ScanConfig.

  • name: The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.

func (*ProjectsScanConfigsService) Start

Start: Start a ScanRun according to the given ScanConfig.

  • name: The resource name of the ScanConfig to be used. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

type ProjectsScanConfigsStartCall

type ProjectsScanConfigsStartCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsStartCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsStartCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.start" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsStartCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsStartCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsService

type ProjectsService struct {
	ScanConfigs *ProjectsScanConfigsService
	// contains filtered or unexported fields
}

func NewProjectsService

func NewProjectsService(s *Service) *ProjectsService

type ScanConfig

type ScanConfig struct {
	// Authentication: The authentication configuration. If specified,
	// service will use the authentication configuration during scanning.
	Authentication *Authentication `json:"authentication,omitempty"`

	// BlacklistPatterns: The excluded URL patterns as described in
	// https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
	BlacklistPatterns []string `json:"blacklistPatterns,omitempty"`

	// DisplayName: Required. The user provided display name of the
	// ScanConfig.
	DisplayName string `json:"displayName,omitempty"`

	// LatestRun: Latest ScanRun if available.
	LatestRun *ScanRun `json:"latestRun,omitempty"`

	// MaxQps: The maximum QPS during scanning. A valid value ranges from 5
	// to 20 inclusively. If the field is unspecified or its value is set 0,
	// server will default to 15. Other values outside of [5, 20] range will
	// be rejected with INVALID_ARGUMENT error.
	MaxQps int64 `json:"maxQps,omitempty"`

	// Name: The resource name of the ScanConfig. The name follows the
	// format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The
	// ScanConfig IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// Schedule: The schedule of the ScanConfig.
	Schedule *Schedule `json:"schedule,omitempty"`

	// StartingUrls: Required. The starting URLs from which the scanner
	// finds site pages.
	StartingUrls []string `json:"startingUrls,omitempty"`

	// TargetPlatforms: Set of Google Cloud platforms targeted by the scan.
	// If empty, APP_ENGINE will be used as a default.
	//
	// Possible values:
	//   "TARGET_PLATFORM_UNSPECIFIED" - The target platform is unknown.
	// Requests with this enum value will be rejected with INVALID_ARGUMENT
	// error.
	//   "APP_ENGINE" - Google App Engine service.
	//   "COMPUTE" - Google Compute Engine service.
	//   "CLOUD_RUN" - Google Cloud Run service.
	//   "CLOUD_FUNCTIONS" - Google Cloud Function service.
	TargetPlatforms []string `json:"targetPlatforms,omitempty"`

	// UserAgent: The user agent used during scanning.
	//
	// Possible values:
	//   "USER_AGENT_UNSPECIFIED" - The user agent is unknown. Service will
	// default to CHROME_LINUX.
	//   "CHROME_LINUX" - Chrome on Linux. This is the service default if
	// unspecified.
	//   "CHROME_ANDROID" - Chrome on Android.
	//   "SAFARI_IPHONE" - Safari on IPhone.
	UserAgent string `json:"userAgent,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Authentication") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Authentication") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ScanConfig: A ScanConfig resource contains the configurations to launch a scan. next id: 12

func (*ScanConfig) MarshalJSON

func (s *ScanConfig) MarshalJSON() ([]byte, error)

type ScanRun

type ScanRun struct {
	// EndTime: The time at which the ScanRun reached termination state -
	// that the ScanRun is either finished or stopped by user.
	EndTime string `json:"endTime,omitempty"`

	// ExecutionState: The execution state of the ScanRun.
	//
	// Possible values:
	//   "EXECUTION_STATE_UNSPECIFIED" - Represents an invalid state caused
	// by internal server error. This value should never be returned.
	//   "QUEUED" - The scan is waiting in the queue.
	//   "SCANNING" - The scan is in progress.
	//   "FINISHED" - The scan is either finished or stopped by user.
	ExecutionState string `json:"executionState,omitempty"`

	// HasVulnerabilities: Whether the scan run has found any
	// vulnerabilities.
	HasVulnerabilities bool `json:"hasVulnerabilities,omitempty"`

	// Name: The resource name of the ScanRun. The name follows the format
	// of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'
	// . The ScanRun IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// ProgressPercent: The percentage of total completion ranging from 0 to
	// 100. If the scan is in queue, the value is 0. If the scan is running,
	// the value ranges from 0 to 100. If the scan is finished, the value is
	// 100.
	ProgressPercent int64 `json:"progressPercent,omitempty"`

	// ResultState: The result state of the ScanRun. This field is only
	// available after the execution state reaches "FINISHED".
	//
	// Possible values:
	//   "RESULT_STATE_UNSPECIFIED" - Default value. This value is returned
	// when the ScanRun is not yet finished.
	//   "SUCCESS" - The scan finished without errors.
	//   "ERROR" - The scan finished with errors.
	//   "KILLED" - The scan was terminated by user.
	ResultState string `json:"resultState,omitempty"`

	// StartTime: The time at which the ScanRun started.
	StartTime string `json:"startTime,omitempty"`

	// UrlsCrawledCount: The number of URLs crawled during this ScanRun. If
	// the scan is in progress, the value represents the number of URLs
	// crawled up to now.
	UrlsCrawledCount int64 `json:"urlsCrawledCount,omitempty,string"`

	// UrlsTestedCount: The number of URLs tested during this ScanRun. If
	// the scan is in progress, the value represents the number of URLs
	// tested up to now. The number of URLs tested is usually larger than
	// the number URLS crawled because typically a crawled URL is tested
	// with multiple test payloads.
	UrlsTestedCount int64 `json:"urlsTestedCount,omitempty,string"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "EndTime") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "EndTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ScanRun: A ScanRun is a output-only resource representing an actual run of the scan.

func (*ScanRun) MarshalJSON

func (s *ScanRun) MarshalJSON() ([]byte, error)

type Schedule

type Schedule struct {
	// IntervalDurationDays: Required. The duration of time between
	// executions in days.
	IntervalDurationDays int64 `json:"intervalDurationDays,omitempty"`

	// ScheduleTime: A timestamp indicates when the next run will be
	// scheduled. The value is refreshed by the server after each run. If
	// unspecified, it will default to current server time, which means the
	// scan will be scheduled to start immediately.
	ScheduleTime string `json:"scheduleTime,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "IntervalDurationDays") to unconditionally include in API requests.
	// By default, fields with empty or default values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "IntervalDurationDays") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

Schedule: Scan schedule configuration.

func (*Schedule) MarshalJSON

func (s *Schedule) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Projects *ProjectsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type StartScanRunRequest

type StartScanRunRequest struct {
}

StartScanRunRequest: Request for the `StartScanRun` method.

type StopScanRunRequest

type StopScanRunRequest struct {
}

StopScanRunRequest: Request for the `StopScanRun` method.

type ViolatingResource

type ViolatingResource struct {
	// ContentType: The MIME type of this resource.
	ContentType string `json:"contentType,omitempty"`

	// ResourceUrl: URL of this violating resource.
	ResourceUrl string `json:"resourceUrl,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ContentType") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ContentType") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ViolatingResource: Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

func (*ViolatingResource) MarshalJSON

func (s *ViolatingResource) MarshalJSON() ([]byte, error)

type VulnerableHeaders

type VulnerableHeaders struct {
	// Headers: List of vulnerable headers.
	Headers []*Header `json:"headers,omitempty"`

	// MissingHeaders: List of missing headers.
	MissingHeaders []*Header `json:"missingHeaders,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Headers") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Headers") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

VulnerableHeaders: Information about vulnerable or missing HTTP Headers.

func (*VulnerableHeaders) MarshalJSON

func (s *VulnerableHeaders) MarshalJSON() ([]byte, error)

type VulnerableParameters

type VulnerableParameters struct {
	// ParameterNames: The vulnerable parameter names.
	ParameterNames []string `json:"parameterNames,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ParameterNames") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ParameterNames") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VulnerableParameters: Information about vulnerable request parameters.

func (*VulnerableParameters) MarshalJSON

func (s *VulnerableParameters) MarshalJSON() ([]byte, error)

type Xss

type Xss struct {
	// ErrorMessage: An error message generated by a javascript breakage.
	ErrorMessage string `json:"errorMessage,omitempty"`

	// StackTraces: Stack traces leading to the point where the XSS
	// occurred.
	StackTraces []string `json:"stackTraces,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ErrorMessage") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ErrorMessage") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Xss: Information reported for an XSS.

func (*Xss) MarshalJSON

func (s *Xss) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL