websecurityscanner

package
v0.0.0-...-ff3b5ee Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 12, 2024 License: BSD-3-Clause Imports: 16 Imported by: 0

Documentation

Overview

Package websecurityscanner provides access to the Web Security Scanner API.

For product documentation, see: https://cloud.google.com/security-command-center/docs/concepts-web-security-scanner-overview/

Library status

These client libraries are officially supported by Google. However, this library is considered complete and is in maintenance mode. This means that we will address critical bugs and security issues but will not add any new features.

When possible, we recommend using our newer [Cloud Client Libraries for Go](https://pkg.go.dev/cloud.google.com/go) that are still actively being worked and iterated on.

Creating a client

Usage example:

import "google.golang.org/api/websecurityscanner/v1"
...
ctx := context.Background()
websecurityscannerService, err := websecurityscanner.NewService(ctx)

In this example, Google Application Default Credentials are used for authentication. For information on how to create and obtain Application Default Credentials, see https://developers.google.com/identity/protocols/application-default-credentials.

Other authentication options

To use an API key for authentication (note: some APIs do not support API keys), use google.golang.org/api/option.WithAPIKey:

websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithAPIKey("AIza..."))

To use an OAuth token (e.g., a user token obtained via a three-legged OAuth flow, use google.golang.org/api/option.WithTokenSource:

config := &oauth2.Config{...}
// ...
token, err := config.Exchange(ctx, ...)
websecurityscannerService, err := websecurityscanner.NewService(ctx, option.WithTokenSource(config.TokenSource(ctx, token)))

See google.golang.org/api/option.ClientOption for details on options.

Index

Constants

View Source
const (
	// See, edit, configure, and delete your Google Cloud data and see the
	// email address for your Google Account.
	CloudPlatformScope = "https://www.googleapis.com/auth/cloud-platform"
)

OAuth2 scopes used by this API.

Variables

This section is empty.

Functions

This section is empty.

Types

type Authentication

type Authentication struct {
	// CustomAccount: Authentication using a custom account.
	CustomAccount *CustomAccount `json:"customAccount,omitempty"`

	// GoogleAccount: Authentication using a Google account.
	GoogleAccount *GoogleAccount `json:"googleAccount,omitempty"`

	// IapCredential: Authentication using Identity-Aware-Proxy (IAP).
	IapCredential *IapCredential `json:"iapCredential,omitempty"`

	// ForceSendFields is a list of field names (e.g. "CustomAccount") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CustomAccount") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Authentication: Scan authentication configuration.

func (*Authentication) MarshalJSON

func (s *Authentication) MarshalJSON() ([]byte, error)

type CrawledUrl

type CrawledUrl struct {
	// Body: Output only. The body of the request that was used to visit the
	// URL.
	Body string `json:"body,omitempty"`

	// HttpMethod: Output only. The http method of the request that was used
	// to visit the URL, in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`

	// Url: Output only. The URL that was crawled.
	Url string `json:"url,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Body") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Body") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

CrawledUrl: A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web Security Scanner Service crawls the web applications, following all links within the scope of sites, to find the URLs to test against.

func (*CrawledUrl) MarshalJSON

func (s *CrawledUrl) MarshalJSON() ([]byte, error)

type CustomAccount

type CustomAccount struct {
	// LoginUrl: Required. The login form URL of the website.
	LoginUrl string `json:"loginUrl,omitempty"`

	// Password: Required. Input only. The password of the custom account.
	// The credential is stored encrypted and not returned in any response
	// nor included in audit logs.
	Password string `json:"password,omitempty"`

	// Username: Required. The user name of the custom account.
	Username string `json:"username,omitempty"`

	// ForceSendFields is a list of field names (e.g. "LoginUrl") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "LoginUrl") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

CustomAccount: Describes authentication configuration that uses a custom account.

func (*CustomAccount) MarshalJSON

func (s *CustomAccount) MarshalJSON() ([]byte, error)

type Empty

type Empty struct {
	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`
}

Empty: A generic empty message that you can re-use to avoid defining duplicated empty messages in your APIs. A typical example is to use it as the request or the response type of an API method. For instance: service Foo { rpc Bar(google.protobuf.Empty) returns (google.protobuf.Empty); }

type Finding

type Finding struct {
	// Body: Output only. The body of the request that triggered the
	// vulnerability.
	Body string `json:"body,omitempty"`

	// Description: Output only. The description of the vulnerability.
	Description string `json:"description,omitempty"`

	// FinalUrl: Output only. The URL where the browser lands when the
	// vulnerability is detected.
	FinalUrl string `json:"finalUrl,omitempty"`

	// FindingType: Output only. The type of the Finding. Detailed and
	// up-to-date information on findings can be found here:
	// https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
	FindingType string `json:"findingType,omitempty"`

	// Form: Output only. An addon containing information reported for a
	// vulnerability with an HTML form, if any.
	Form *Form `json:"form,omitempty"`

	// FrameUrl: Output only. If the vulnerability was originated from
	// nested IFrame, the immediate parent IFrame is reported.
	FrameUrl string `json:"frameUrl,omitempty"`

	// FuzzedUrl: Output only. The URL produced by the server-side fuzzer
	// and used in the request that triggered the vulnerability.
	FuzzedUrl string `json:"fuzzedUrl,omitempty"`

	// HttpMethod: Output only. The http method of the request that
	// triggered the vulnerability, in uppercase.
	HttpMethod string `json:"httpMethod,omitempty"`

	// Name: Output only. The resource name of the Finding. The name follows
	// the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/
	// findings/{findingId}'. The finding IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// OutdatedLibrary: Output only. An addon containing information about
	// outdated libraries.
	OutdatedLibrary *OutdatedLibrary `json:"outdatedLibrary,omitempty"`

	// ReproductionUrl: Output only. The URL containing human-readable
	// payload that user can leverage to reproduce the vulnerability.
	ReproductionUrl string `json:"reproductionUrl,omitempty"`

	// Severity: Output only. The severity level of the reported
	// vulnerability.
	//
	// Possible values:
	//   "SEVERITY_UNSPECIFIED" - No severity specified. The default value.
	//   "CRITICAL" - Critical severity.
	//   "HIGH" - High severity.
	//   "MEDIUM" - Medium severity.
	//   "LOW" - Low severity.
	Severity string `json:"severity,omitempty"`

	// TrackingId: Output only. The tracking ID uniquely identifies a
	// vulnerability instance across multiple ScanRuns.
	TrackingId string `json:"trackingId,omitempty"`

	// ViolatingResource: Output only. An addon containing detailed
	// information regarding any resource causing the vulnerability such as
	// JavaScript sources, image, audio files, etc.
	ViolatingResource *ViolatingResource `json:"violatingResource,omitempty"`

	// VulnerableHeaders: Output only. An addon containing information about
	// vulnerable or missing HTTP headers.
	VulnerableHeaders *VulnerableHeaders `json:"vulnerableHeaders,omitempty"`

	// VulnerableParameters: Output only. An addon containing information
	// about request parameters which were found to be vulnerable.
	VulnerableParameters *VulnerableParameters `json:"vulnerableParameters,omitempty"`

	// Xss: Output only. An addon containing information reported for an
	// XSS, if any.
	Xss *Xss `json:"xss,omitempty"`

	// Xxe: Output only. An addon containing information reported for an
	// XXE, if any.
	Xxe *Xxe `json:"xxe,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Body") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Body") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Finding: A Finding resource represents a vulnerability instance identified during a ScanRun.

func (*Finding) MarshalJSON

func (s *Finding) MarshalJSON() ([]byte, error)

type FindingTypeStats

type FindingTypeStats struct {
	// FindingCount: Output only. The count of findings belonging to this
	// finding type.
	FindingCount int64 `json:"findingCount,omitempty"`

	// FindingType: Output only. The finding type associated with the stats.
	FindingType string `json:"findingType,omitempty"`

	// ForceSendFields is a list of field names (e.g. "FindingCount") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "FindingCount") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

FindingTypeStats: A FindingTypeStats resource represents stats regarding a specific FindingType of Findings under a given ScanRun.

func (*FindingTypeStats) MarshalJSON

func (s *FindingTypeStats) MarshalJSON() ([]byte, error)

type Form

type Form struct {
	// ActionUri: ! The URI where to send the form when it's submitted.
	ActionUri string `json:"actionUri,omitempty"`

	// Fields: ! The names of form fields related to the vulnerability.
	Fields []string `json:"fields,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ActionUri") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ActionUri") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Form: ! Information about a vulnerability with an HTML.

func (*Form) MarshalJSON

func (s *Form) MarshalJSON() ([]byte, error)

type GoogleAccount

type GoogleAccount struct {
	// Password: Required. Input only. The password of the Google account.
	// The credential is stored encrypted and not returned in any response
	// nor included in audit logs.
	Password string `json:"password,omitempty"`

	// Username: Required. The user name of the Google account.
	Username string `json:"username,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Password") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Password") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

GoogleAccount: Describes authentication configuration that uses a Google account.

func (*GoogleAccount) MarshalJSON

func (s *GoogleAccount) MarshalJSON() ([]byte, error)
type Header struct {
	// Name: Header name.
	Name string `json:"name,omitempty"`

	// Value: Header value.
	Value string `json:"value,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Name") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Name") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Header: Describes a HTTP Header.

func (*Header) MarshalJSON

func (s *Header) MarshalJSON() ([]byte, error)

type IapCredential

type IapCredential struct {
	// IapTestServiceAccountInfo: Authentication configuration when
	// Web-Security-Scanner service account is added in Identity-Aware-Proxy
	// (IAP) access policies.
	IapTestServiceAccountInfo *IapTestServiceAccountInfo `json:"iapTestServiceAccountInfo,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "IapTestServiceAccountInfo") to unconditionally include in API
	// requests. By default, fields with empty or default values are omitted
	// from API requests. However, any non-pointer, non-interface field
	// appearing in ForceSendFields will be sent to the server regardless of
	// whether the field is empty or not. This may be used to include empty
	// fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g.
	// "IapTestServiceAccountInfo") to include in API requests with the JSON
	// null value. By default, fields with empty values are omitted from API
	// requests. However, any field with an empty value appearing in
	// NullFields will be sent to the server as null. It is an error if a
	// field in this list has a non-empty value. This may be used to include
	// null fields in Patch requests.
	NullFields []string `json:"-"`
}

IapCredential: Describes authentication configuration for Identity-Aware-Proxy (IAP).

func (*IapCredential) MarshalJSON

func (s *IapCredential) MarshalJSON() ([]byte, error)

type IapTestServiceAccountInfo

type IapTestServiceAccountInfo struct {
	// TargetAudienceClientId: Required. Describes OAuth2 client id of
	// resources protected by Identity-Aware-Proxy (IAP).
	TargetAudienceClientId string `json:"targetAudienceClientId,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "TargetAudienceClientId") to unconditionally include in API requests.
	// By default, fields with empty or default values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "TargetAudienceClientId")
	// to include in API requests with the JSON null value. By default,
	// fields with empty values are omitted from API requests. However, any
	// field with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

IapTestServiceAccountInfo: Describes authentication configuration when Web-Security-Scanner service account is added in Identity-Aware-Proxy (IAP) access policies.

func (*IapTestServiceAccountInfo) MarshalJSON

func (s *IapTestServiceAccountInfo) MarshalJSON() ([]byte, error)

type ListCrawledUrlsResponse

type ListCrawledUrlsResponse struct {
	// CrawledUrls: The list of CrawledUrls returned.
	CrawledUrls []*CrawledUrl `json:"crawledUrls,omitempty"`

	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "CrawledUrls") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "CrawledUrls") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListCrawledUrlsResponse: Response for the `ListCrawledUrls` method.

func (*ListCrawledUrlsResponse) MarshalJSON

func (s *ListCrawledUrlsResponse) MarshalJSON() ([]byte, error)

type ListFindingTypeStatsResponse

type ListFindingTypeStatsResponse struct {
	// FindingTypeStats: The list of FindingTypeStats returned.
	FindingTypeStats []*FindingTypeStats `json:"findingTypeStats,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "FindingTypeStats") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "FindingTypeStats") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ListFindingTypeStatsResponse: Response for the `ListFindingTypeStats` method.

func (*ListFindingTypeStatsResponse) MarshalJSON

func (s *ListFindingTypeStatsResponse) MarshalJSON() ([]byte, error)

type ListFindingsResponse

type ListFindingsResponse struct {
	// Findings: The list of Findings returned.
	Findings []*Finding `json:"findings,omitempty"`

	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Findings") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Findings") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListFindingsResponse: Response for the `ListFindings` method.

func (*ListFindingsResponse) MarshalJSON

func (s *ListFindingsResponse) MarshalJSON() ([]byte, error)

type ListScanConfigsResponse

type ListScanConfigsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ScanConfigs: The list of ScanConfigs returned.
	ScanConfigs []*ScanConfig `json:"scanConfigs,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListScanConfigsResponse: Response for the `ListScanConfigs` method.

func (*ListScanConfigsResponse) MarshalJSON

func (s *ListScanConfigsResponse) MarshalJSON() ([]byte, error)

type ListScanRunsResponse

type ListScanRunsResponse struct {
	// NextPageToken: Token to retrieve the next page of results, or empty
	// if there are no more results in the list.
	NextPageToken string `json:"nextPageToken,omitempty"`

	// ScanRuns: The list of ScanRuns returned.
	ScanRuns []*ScanRun `json:"scanRuns,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "NextPageToken") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "NextPageToken") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ListScanRunsResponse: Response for the `ListScanRuns` method.

func (*ListScanRunsResponse) MarshalJSON

func (s *ListScanRunsResponse) MarshalJSON() ([]byte, error)

type OutdatedLibrary

type OutdatedLibrary struct {
	// LearnMoreUrls: URLs to learn more information about the
	// vulnerabilities in the library.
	LearnMoreUrls []string `json:"learnMoreUrls,omitempty"`

	// LibraryName: The name of the outdated library.
	LibraryName string `json:"libraryName,omitempty"`

	// Version: The version number.
	Version string `json:"version,omitempty"`

	// ForceSendFields is a list of field names (e.g. "LearnMoreUrls") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "LearnMoreUrls") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

OutdatedLibrary: Information reported for an outdated library.

func (*OutdatedLibrary) MarshalJSON

func (s *OutdatedLibrary) MarshalJSON() ([]byte, error)

type ProjectsScanConfigsCreateCall

type ProjectsScanConfigsCreateCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsCreateCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsCreateCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.create" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsCreateCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsCreateCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsDeleteCall

type ProjectsScanConfigsDeleteCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsDeleteCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsDeleteCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.delete" call. Exactly one of *Empty or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Empty.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsDeleteCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsDeleteCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsGetCall

type ProjectsScanConfigsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.get" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsListCall

type ProjectsScanConfigsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.list" call. Exactly one of *ListScanConfigsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListScanConfigsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanConfigs to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsPatchCall

type ProjectsScanConfigsPatchCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsPatchCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsPatchCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.patch" call. Exactly one of *ScanConfig or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanConfig.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsPatchCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsPatchCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsPatchCall) UpdateMask

UpdateMask sets the optional parameter "updateMask": Required. The update mask applies to the resource. For the `FieldMask` definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask

type ProjectsScanConfigsScanRunsCrawledUrlsListCall

type ProjectsScanConfigsScanRunsCrawledUrlsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.crawledUrls.list" call. Exactly one of *ListCrawledUrlsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListCrawledUrlsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of CrawledUrls to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsCrawledUrlsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsCrawledUrlsService

type ProjectsScanConfigsScanRunsCrawledUrlsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsCrawledUrlsService

func NewProjectsScanConfigsScanRunsCrawledUrlsService(s *Service) *ProjectsScanConfigsScanRunsCrawledUrlsService

func (*ProjectsScanConfigsScanRunsCrawledUrlsService) List

List: List CrawledUrls under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall

type ProjectsScanConfigsScanRunsFindingTypeStatsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findingTypeStats.list" call. Exactly one of *ListFindingTypeStatsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListFindingTypeStatsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingTypeStatsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsFindingTypeStatsService

type ProjectsScanConfigsScanRunsFindingTypeStatsService struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingTypeStatsService) List

List: List all FindingTypeStats under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsFindingsGetCall

type ProjectsScanConfigsScanRunsFindingsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.get" call. Exactly one of *Finding or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *Finding.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsFindingsListCall

type ProjectsScanConfigsScanRunsFindingsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsFindingsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.findings.list" call. Exactly one of *ListFindingsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListFindingsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Filter

Filter sets the optional parameter "filter": The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsFindingsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsFindingsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsFindingsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsFindingsService

type ProjectsScanConfigsScanRunsFindingsService struct {
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsFindingsService

func NewProjectsScanConfigsScanRunsFindingsService(s *Service) *ProjectsScanConfigsScanRunsFindingsService

func (*ProjectsScanConfigsScanRunsFindingsService) Get

Get: Gets a Finding.

  • name: The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }/findings/{findingId}'.

func (*ProjectsScanConfigsScanRunsFindingsService) List

List: List Findings under a given ScanRun.

  • parent: The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsGetCall

type ProjectsScanConfigsScanRunsGetCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsGetCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsGetCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.get" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsGetCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsGetCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsGetCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

type ProjectsScanConfigsScanRunsListCall

type ProjectsScanConfigsScanRunsListCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsListCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsListCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.list" call. Exactly one of *ListScanRunsResponse or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ListScanRunsResponse.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsListCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsListCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

func (*ProjectsScanConfigsScanRunsListCall) IfNoneMatch

IfNoneMatch sets the optional parameter which makes the operation fail if the object's ETag matches the given value. This is useful for getting updates only after the object has changed since the last request. Use googleapi.IsNotModified to check whether the response error from Do is the result of In-None-Match.

func (*ProjectsScanConfigsScanRunsListCall) PageSize

PageSize sets the optional parameter "pageSize": The maximum number of ScanRuns to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value.

func (*ProjectsScanConfigsScanRunsListCall) PageToken

PageToken sets the optional parameter "pageToken": A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned.

func (*ProjectsScanConfigsScanRunsListCall) Pages

Pages invokes f for each page of results. A non-nil error returned from f will halt the iteration. The provided context supersedes any context provided to the Context method.

type ProjectsScanConfigsScanRunsService

type ProjectsScanConfigsScanRunsService struct {
	CrawledUrls *ProjectsScanConfigsScanRunsCrawledUrlsService

	FindingTypeStats *ProjectsScanConfigsScanRunsFindingTypeStatsService

	Findings *ProjectsScanConfigsScanRunsFindingsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsScanRunsService

func NewProjectsScanConfigsScanRunsService(s *Service) *ProjectsScanConfigsScanRunsService

func (*ProjectsScanConfigsScanRunsService) Get

Get: Gets a ScanRun.

  • name: The resource name of the ScanRun to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

func (*ProjectsScanConfigsScanRunsService) List

List: Lists ScanRuns under a given ScanConfig, in descending order of ScanRun stop time.

  • parent: The parent resource name, which should be a scan resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsScanRunsService) Stop

Stop: Stops a ScanRun. The stopped ScanRun is returned.

  • name: The resource name of the ScanRun to be stopped. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId }'.

type ProjectsScanConfigsScanRunsStopCall

type ProjectsScanConfigsScanRunsStopCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsScanRunsStopCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsScanRunsStopCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.scanRuns.stop" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsScanRunsStopCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsScanRunsStopCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsScanConfigsService

type ProjectsScanConfigsService struct {
	ScanRuns *ProjectsScanConfigsScanRunsService
	// contains filtered or unexported fields
}

func NewProjectsScanConfigsService

func NewProjectsScanConfigsService(s *Service) *ProjectsScanConfigsService

func (*ProjectsScanConfigsService) Create

Create: Creates a new ScanConfig.

  • parent: The parent resource name where the scan is created, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Delete

Delete: Deletes an existing ScanConfig and its child resources.

  • name: The resource name of the ScanConfig to be deleted. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) Get

Get: Gets a ScanConfig.

  • name: The resource name of the ScanConfig to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

func (*ProjectsScanConfigsService) List

List: Lists ScanConfigs under a given project.

  • parent: The parent resource name, which should be a project resource name in the format 'projects/{projectId}'.

func (*ProjectsScanConfigsService) Patch

Patch: Updates a ScanConfig. This method support partial update of a ScanConfig.

  • name: The resource name of the ScanConfig. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The ScanConfig IDs are generated by the system.

func (*ProjectsScanConfigsService) Start

Start: Start a ScanRun according to the given ScanConfig.

  • name: The resource name of the ScanConfig to be used. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}'.

type ProjectsScanConfigsStartCall

type ProjectsScanConfigsStartCall struct {
	// contains filtered or unexported fields
}

func (*ProjectsScanConfigsStartCall) Context

Context sets the context to be used in this call's Do method. Any pending HTTP request will be aborted if the provided context is canceled.

func (*ProjectsScanConfigsStartCall) Do

Do executes the "websecurityscanner.projects.scanConfigs.start" call. Exactly one of *ScanRun or error will be non-nil. Any non-2xx status code is an error. Response headers are in either *ScanRun.ServerResponse.Header or (if a response was returned at all) in error.(*googleapi.Error).Header. Use googleapi.IsNotModified to check whether the returned error was because http.StatusNotModified was returned.

func (*ProjectsScanConfigsStartCall) Fields

Fields allows partial responses to be retrieved. See https://developers.google.com/gdata/docs/2.0/basics#PartialResponse for more information.

func (*ProjectsScanConfigsStartCall) Header

Header returns an http.Header that can be modified by the caller to add HTTP headers to the request.

type ProjectsService

type ProjectsService struct {
	ScanConfigs *ProjectsScanConfigsService
	// contains filtered or unexported fields
}

func NewProjectsService

func NewProjectsService(s *Service) *ProjectsService

type ScanConfig

type ScanConfig struct {
	// Authentication: The authentication configuration. If specified,
	// service will use the authentication configuration during scanning.
	Authentication *Authentication `json:"authentication,omitempty"`

	// BlacklistPatterns: The excluded URL patterns as described in
	// https://cloud.google.com/security-command-center/docs/how-to-use-web-security-scanner#excluding_urls
	BlacklistPatterns []string `json:"blacklistPatterns,omitempty"`

	// DisplayName: Required. The user provided display name of the
	// ScanConfig.
	DisplayName string `json:"displayName,omitempty"`

	// ExportToSecurityCommandCenter: Controls export of scan configurations
	// and results to Security Command Center.
	//
	// Possible values:
	//   "EXPORT_TO_SECURITY_COMMAND_CENTER_UNSPECIFIED" - Use default,
	// which is ENABLED.
	//   "ENABLED" - Export results of this scan to Security Command Center.
	//   "DISABLED" - Do not export results of this scan to Security Command
	// Center.
	ExportToSecurityCommandCenter string `json:"exportToSecurityCommandCenter,omitempty"`

	// IgnoreHttpStatusErrors: Whether to keep scanning even if most
	// requests return HTTP error codes.
	IgnoreHttpStatusErrors bool `json:"ignoreHttpStatusErrors,omitempty"`

	// ManagedScan: Whether the scan config is managed by Web Security
	// Scanner, output only.
	ManagedScan bool `json:"managedScan,omitempty"`

	// MaxQps: The maximum QPS during scanning. A valid value ranges from 5
	// to 20 inclusively. If the field is unspecified or its value is set 0,
	// server will default to 15. Other values outside of [5, 20] range will
	// be rejected with INVALID_ARGUMENT error.
	MaxQps int64 `json:"maxQps,omitempty"`

	// Name: The resource name of the ScanConfig. The name follows the
	// format of 'projects/{projectId}/scanConfigs/{scanConfigId}'. The
	// ScanConfig IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// RiskLevel: The risk level selected for the scan
	//
	// Possible values:
	//   "RISK_LEVEL_UNSPECIFIED" - Use default, which is NORMAL.
	//   "NORMAL" - Normal scanning (Recommended)
	//   "LOW" - Lower impact scanning
	RiskLevel string `json:"riskLevel,omitempty"`

	// Schedule: The schedule of the ScanConfig.
	Schedule *Schedule `json:"schedule,omitempty"`

	// StartingUrls: Required. The starting URLs from which the scanner
	// finds site pages.
	StartingUrls []string `json:"startingUrls,omitempty"`

	// StaticIpScan: Whether the scan configuration has enabled static IP
	// address scan feature. If enabled, the scanner will access
	// applications from static IP addresses.
	StaticIpScan bool `json:"staticIpScan,omitempty"`

	// UserAgent: The user agent used during scanning.
	//
	// Possible values:
	//   "USER_AGENT_UNSPECIFIED" - The user agent is unknown. Service will
	// default to CHROME_LINUX.
	//   "CHROME_LINUX" - Chrome on Linux. This is the service default if
	// unspecified.
	//   "CHROME_ANDROID" - Chrome on Android.
	//   "SAFARI_IPHONE" - Safari on IPhone.
	UserAgent string `json:"userAgent,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "Authentication") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Authentication") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

ScanConfig: A ScanConfig resource contains the configurations to launch a scan.

func (*ScanConfig) MarshalJSON

func (s *ScanConfig) MarshalJSON() ([]byte, error)

type ScanConfigError

type ScanConfigError struct {
	// Code: Output only. Indicates the reason code for a configuration
	// failure.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - There is no error.
	//   "OK" - There is no error.
	//   "INTERNAL_ERROR" - Indicates an internal server error. Please DO
	// NOT USE THIS ERROR CODE unless the root cause is truly unknown.
	//   "APPENGINE_API_BACKEND_ERROR" - One of the seed URLs is an App
	// Engine URL but we cannot validate the scan settings due to an App
	// Engine API backend error.
	//   "APPENGINE_API_NOT_ACCESSIBLE" - One of the seed URLs is an App
	// Engine URL but we cannot access the App Engine API to validate scan
	// settings.
	//   "APPENGINE_DEFAULT_HOST_MISSING" - One of the seed URLs is an App
	// Engine URL but the Default Host of the App Engine is not set.
	//   "CANNOT_USE_GOOGLE_COM_ACCOUNT" - Google corporate accounts can not
	// be used for scanning.
	//   "CANNOT_USE_OWNER_ACCOUNT" - The account of the scan creator can
	// not be used for scanning.
	//   "COMPUTE_API_BACKEND_ERROR" - This scan targets Compute Engine, but
	// we cannot validate scan settings due to a Compute Engine API backend
	// error.
	//   "COMPUTE_API_NOT_ACCESSIBLE" - This scan targets Compute Engine,
	// but we cannot access the Compute Engine API to validate the scan
	// settings.
	//   "CUSTOM_LOGIN_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT" - The Custom
	// Login URL does not belong to the current project.
	//   "CUSTOM_LOGIN_URL_MALFORMED" - The Custom Login URL is malformed
	// (can not be parsed).
	//   "CUSTOM_LOGIN_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS" - The Custom
	// Login URL is mapped to a non-routable IP address in DNS.
	//   "CUSTOM_LOGIN_URL_MAPPED_TO_UNRESERVED_ADDRESS" - The Custom Login
	// URL is mapped to an IP address which is not reserved for the current
	// project.
	//   "CUSTOM_LOGIN_URL_HAS_NON_ROUTABLE_IP_ADDRESS" - The Custom Login
	// URL has a non-routable IP address.
	//   "CUSTOM_LOGIN_URL_HAS_UNRESERVED_IP_ADDRESS" - The Custom Login URL
	// has an IP address which is not reserved for the current project.
	//   "DUPLICATE_SCAN_NAME" - Another scan with the same name
	// (case-sensitive) already exists.
	//   "INVALID_FIELD_VALUE" - A field is set to an invalid value.
	//   "FAILED_TO_AUTHENTICATE_TO_TARGET" - There was an error trying to
	// authenticate to the scan target.
	//   "FINDING_TYPE_UNSPECIFIED" - Finding type value is not specified in
	// the list findings request.
	//   "FORBIDDEN_TO_SCAN_COMPUTE" - Scan targets Compute Engine, yet
	// current project was not whitelisted for Google Compute Engine
	// Scanning Alpha access.
	//   "FORBIDDEN_UPDATE_TO_MANAGED_SCAN" - User tries to update managed
	// scan
	//   "MALFORMED_FILTER" - The supplied filter is malformed. For example,
	// it can not be parsed, does not have a filter type in expression, or
	// the same filter type appears more than once.
	//   "MALFORMED_RESOURCE_NAME" - The supplied resource name is malformed
	// (can not be parsed).
	//   "PROJECT_INACTIVE" - The current project is not in an active state.
	//   "REQUIRED_FIELD" - A required field is not set.
	//   "RESOURCE_NAME_INCONSISTENT" - Project id, scanconfig id, scanrun
	// id, or finding id are not consistent with each other in resource
	// name.
	//   "SCAN_ALREADY_RUNNING" - The scan being requested to start is
	// already running.
	//   "SCAN_NOT_RUNNING" - The scan that was requested to be stopped is
	// not running.
	//   "SEED_URL_DOES_NOT_BELONG_TO_CURRENT_PROJECT" - One of the seed
	// URLs does not belong to the current project.
	//   "SEED_URL_MALFORMED" - One of the seed URLs is malformed (can not
	// be parsed).
	//   "SEED_URL_MAPPED_TO_NON_ROUTABLE_ADDRESS" - One of the seed URLs is
	// mapped to a non-routable IP address in DNS.
	//   "SEED_URL_MAPPED_TO_UNRESERVED_ADDRESS" - One of the seed URLs is
	// mapped to an IP address which is not reserved for the current
	// project.
	//   "SEED_URL_HAS_NON_ROUTABLE_IP_ADDRESS" - One of the seed URLs has
	// on-routable IP address.
	//   "SEED_URL_HAS_UNRESERVED_IP_ADDRESS" - One of the seed URLs has an
	// IP address that is not reserved for the current project.
	//   "SERVICE_ACCOUNT_NOT_CONFIGURED" - The Web Security Scanner service
	// account is not configured under the project.
	//   "TOO_MANY_SCANS" - A project has reached the maximum number of
	// scans.
	//   "UNABLE_TO_RESOLVE_PROJECT_INFO" - Resolving the details of the
	// current project fails.
	//   "UNSUPPORTED_BLACKLIST_PATTERN_FORMAT" - One or more blacklist
	// patterns were in the wrong format.
	//   "UNSUPPORTED_FILTER" - The supplied filter is not supported.
	//   "UNSUPPORTED_FINDING_TYPE" - The supplied finding type is not
	// supported. For example, we do not provide findings of the given
	// finding type.
	//   "UNSUPPORTED_URL_SCHEME" - The URL scheme of one or more of the
	// supplied URLs is not supported.
	//   "CLOUD_ASSET_INVENTORY_ASSET_NOT_FOUND" - CAI is not able to list
	// assets.
	Code string `json:"code,omitempty"`

	// FieldName: Output only. Indicates the full name of the ScanConfig
	// field that triggers this error, for example "scan_config.max_qps".
	// This field is provided for troubleshooting purposes only and its
	// actual value can change in the future.
	FieldName string `json:"fieldName,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Code") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Code") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ScanConfigError: Defines a custom error message used by CreateScanConfig and UpdateScanConfig APIs when scan configuration validation fails. It is also reported as part of a ScanRunErrorTrace message if scan validation fails due to a scan configuration error.

func (*ScanConfigError) MarshalJSON

func (s *ScanConfigError) MarshalJSON() ([]byte, error)

type ScanRun

type ScanRun struct {
	// EndTime: Output only. The time at which the ScanRun reached
	// termination state - that the ScanRun is either finished or stopped by
	// user.
	EndTime string `json:"endTime,omitempty"`

	// ErrorTrace: Output only. If result_state is an ERROR, this field
	// provides the primary reason for scan's termination and more details,
	// if such are available.
	ErrorTrace *ScanRunErrorTrace `json:"errorTrace,omitempty"`

	// ExecutionState: Output only. The execution state of the ScanRun.
	//
	// Possible values:
	//   "EXECUTION_STATE_UNSPECIFIED" - Represents an invalid state caused
	// by internal server error. This value should never be returned.
	//   "QUEUED" - The scan is waiting in the queue.
	//   "SCANNING" - The scan is in progress.
	//   "FINISHED" - The scan is either finished or stopped by user.
	ExecutionState string `json:"executionState,omitempty"`

	// HasVulnerabilities: Output only. Whether the scan run has found any
	// vulnerabilities.
	HasVulnerabilities bool `json:"hasVulnerabilities,omitempty"`

	// Name: Output only. The resource name of the ScanRun. The name follows
	// the format of
	// 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'
	// . The ScanRun IDs are generated by the system.
	Name string `json:"name,omitempty"`

	// ProgressPercent: Output only. The percentage of total completion
	// ranging from 0 to 100. If the scan is in queue, the value is 0. If
	// the scan is running, the value ranges from 0 to 100. If the scan is
	// finished, the value is 100.
	ProgressPercent int64 `json:"progressPercent,omitempty"`

	// ResultState: Output only. The result state of the ScanRun. This field
	// is only available after the execution state reaches "FINISHED".
	//
	// Possible values:
	//   "RESULT_STATE_UNSPECIFIED" - Default value. This value is returned
	// when the ScanRun is not yet finished.
	//   "SUCCESS" - The scan finished without errors.
	//   "ERROR" - The scan finished with errors.
	//   "KILLED" - The scan was terminated by user.
	ResultState string `json:"resultState,omitempty"`

	// StartTime: Output only. The time at which the ScanRun started.
	StartTime string `json:"startTime,omitempty"`

	// UrlsCrawledCount: Output only. The number of URLs crawled during this
	// ScanRun. If the scan is in progress, the value represents the number
	// of URLs crawled up to now.
	UrlsCrawledCount int64 `json:"urlsCrawledCount,omitempty,string"`

	// UrlsTestedCount: Output only. The number of URLs tested during this
	// ScanRun. If the scan is in progress, the value represents the number
	// of URLs tested up to now. The number of URLs tested is usually larger
	// than the number URLS crawled because typically a crawled URL is
	// tested with multiple test payloads.
	UrlsTestedCount int64 `json:"urlsTestedCount,omitempty,string"`

	// WarningTraces: Output only. A list of warnings, if such are
	// encountered during this scan run.
	WarningTraces []*ScanRunWarningTrace `json:"warningTraces,omitempty"`

	// ServerResponse contains the HTTP response code and headers from the
	// server.
	googleapi.ServerResponse `json:"-"`

	// ForceSendFields is a list of field names (e.g. "EndTime") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "EndTime") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ScanRun: A ScanRun is a output-only resource representing an actual run of the scan. Next id: 12

func (*ScanRun) MarshalJSON

func (s *ScanRun) MarshalJSON() ([]byte, error)

type ScanRunErrorTrace

type ScanRunErrorTrace struct {
	// Code: Output only. Indicates the error reason code.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - Default value is never used.
	//   "INTERNAL_ERROR" - Indicates that the scan run failed due to an
	// internal server error.
	//   "SCAN_CONFIG_ISSUE" - Indicates a scan configuration error, usually
	// due to outdated ScanConfig settings, such as starting_urls or the DNS
	// configuration.
	//   "AUTHENTICATION_CONFIG_ISSUE" - Indicates an authentication error,
	// usually due to outdated ScanConfig authentication settings.
	//   "TIMED_OUT_WHILE_SCANNING" - Indicates a scan operation timeout,
	// usually caused by a very large site.
	//   "TOO_MANY_REDIRECTS" - Indicates that a scan encountered excessive
	// redirects, either to authentication or some other page outside of the
	// scan scope.
	//   "TOO_MANY_HTTP_ERRORS" - Indicates that a scan encountered numerous
	// errors from the web site pages. When available,
	// most_common_http_error_code field indicates the most common HTTP
	// error code encountered during the scan.
	//   "STARTING_URLS_CRAWL_HTTP_ERRORS" - Indicates that some of the
	// starting web urls returned HTTP errors during the scan.
	Code string `json:"code,omitempty"`

	// MostCommonHttpErrorCode: Output only. If the scan encounters
	// TOO_MANY_HTTP_ERRORS, this field indicates the most common HTTP error
	// code, if such is available. For example, if this code is 404, the
	// scan has encountered too many NOT_FOUND responses.
	MostCommonHttpErrorCode int64 `json:"mostCommonHttpErrorCode,omitempty"`

	// ScanConfigError: Output only. If the scan encounters
	// SCAN_CONFIG_ISSUE error, this field has the error message encountered
	// during scan configuration validation that is performed before each
	// scan run.
	ScanConfigError *ScanConfigError `json:"scanConfigError,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Code") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Code") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ScanRunErrorTrace: Output only. Defines an error trace message for a ScanRun.

func (*ScanRunErrorTrace) MarshalJSON

func (s *ScanRunErrorTrace) MarshalJSON() ([]byte, error)

type ScanRunWarningTrace

type ScanRunWarningTrace struct {
	// Code: Output only. Indicates the warning code.
	//
	// Possible values:
	//   "CODE_UNSPECIFIED" - Default value is never used.
	//   "INSUFFICIENT_CRAWL_RESULTS" - Indicates that a scan discovered an
	// unexpectedly low number of URLs. This is sometimes caused by complex
	// navigation features or by using a single URL for numerous pages.
	//   "TOO_MANY_CRAWL_RESULTS" - Indicates that a scan discovered too
	// many URLs to test, or excessive redundant URLs.
	//   "TOO_MANY_FUZZ_TASKS" - Indicates that too many tests have been
	// generated for the scan. Customer should try reducing the number of
	// starting URLs, increasing the QPS rate, or narrowing down the scope
	// of the scan using the excluded patterns.
	//   "BLOCKED_BY_IAP" - Indicates that a scan is blocked by IAP.
	//   "NO_STARTING_URL_FOUND_FOR_MANAGED_SCAN" - Indicates that no seeds
	// is found for a scan
	Code string `json:"code,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Code") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Code") to include in API
	// requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ScanRunWarningTrace: Output only. Defines a warning trace message for ScanRun. Warning traces provide customers with useful information that helps make the scanning process more effective.

func (*ScanRunWarningTrace) MarshalJSON

func (s *ScanRunWarningTrace) MarshalJSON() ([]byte, error)

type Schedule

type Schedule struct {
	// IntervalDurationDays: Required. The duration of time between
	// executions in days.
	IntervalDurationDays int64 `json:"intervalDurationDays,omitempty"`

	// ScheduleTime: A timestamp indicates when the next run will be
	// scheduled. The value is refreshed by the server after each run. If
	// unspecified, it will default to current server time, which means the
	// scan will be scheduled to start immediately.
	ScheduleTime string `json:"scheduleTime,omitempty"`

	// ForceSendFields is a list of field names (e.g.
	// "IntervalDurationDays") to unconditionally include in API requests.
	// By default, fields with empty or default values are omitted from API
	// requests. However, any non-pointer, non-interface field appearing in
	// ForceSendFields will be sent to the server regardless of whether the
	// field is empty or not. This may be used to include empty fields in
	// Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "IntervalDurationDays") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

Schedule: Scan schedule configuration.

func (*Schedule) MarshalJSON

func (s *Schedule) MarshalJSON() ([]byte, error)

type Service

type Service struct {
	BasePath  string // API endpoint base URL
	UserAgent string // optional additional User-Agent fragment

	Projects *ProjectsService
	// contains filtered or unexported fields
}

func New deprecated

func New(client *http.Client) (*Service, error)

New creates a new Service. It uses the provided http.Client for requests.

Deprecated: please use NewService instead. To provide a custom HTTP client, use option.WithHTTPClient. If you are using google.golang.org/api/googleapis/transport.APIKey, use option.WithAPIKey with NewService instead.

func NewService

func NewService(ctx context.Context, opts ...option.ClientOption) (*Service, error)

NewService creates a new Service.

type StartScanRunRequest

type StartScanRunRequest struct {
}

StartScanRunRequest: Request for the `StartScanRun` method.

type StopScanRunRequest

type StopScanRunRequest struct {
}

StopScanRunRequest: Request for the `StopScanRun` method.

type ViolatingResource

type ViolatingResource struct {
	// ContentType: The MIME type of this resource.
	ContentType string `json:"contentType,omitempty"`

	// ResourceUrl: URL of this violating resource.
	ResourceUrl string `json:"resourceUrl,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ContentType") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ContentType") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

ViolatingResource: Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

func (*ViolatingResource) MarshalJSON

func (s *ViolatingResource) MarshalJSON() ([]byte, error)

type VulnerableHeaders

type VulnerableHeaders struct {
	// Headers: List of vulnerable headers.
	Headers []*Header `json:"headers,omitempty"`

	// MissingHeaders: List of missing headers.
	MissingHeaders []*Header `json:"missingHeaders,omitempty"`

	// ForceSendFields is a list of field names (e.g. "Headers") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "Headers") to include in
	// API requests with the JSON null value. By default, fields with empty
	// values are omitted from API requests. However, any field with an
	// empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

VulnerableHeaders: Information about vulnerable or missing HTTP Headers.

func (*VulnerableHeaders) MarshalJSON

func (s *VulnerableHeaders) MarshalJSON() ([]byte, error)

type VulnerableParameters

type VulnerableParameters struct {
	// ParameterNames: The vulnerable parameter names.
	ParameterNames []string `json:"parameterNames,omitempty"`

	// ForceSendFields is a list of field names (e.g. "ParameterNames") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "ParameterNames") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

VulnerableParameters: Information about vulnerable request parameters.

func (*VulnerableParameters) MarshalJSON

func (s *VulnerableParameters) MarshalJSON() ([]byte, error)

type Xss

type Xss struct {
	// AttackVector: The attack vector of the payload triggering this XSS.
	//
	// Possible values:
	//   "ATTACK_VECTOR_UNSPECIFIED" - Unknown attack vector.
	//   "LOCAL_STORAGE" - The attack comes from fuzzing the browser's
	// localStorage.
	//   "SESSION_STORAGE" - The attack comes from fuzzing the browser's
	// sessionStorage.
	//   "WINDOW_NAME" - The attack comes from fuzzing the window's name
	// property.
	//   "REFERRER" - The attack comes from fuzzing the referrer property.
	//   "FORM_INPUT" - The attack comes from fuzzing an input element.
	//   "COOKIE" - The attack comes from fuzzing the browser's cookies.
	//   "POST_MESSAGE" - The attack comes from hijacking the post messaging
	// mechanism.
	//   "GET_PARAMETERS" - The attack comes from fuzzing parameters in the
	// url.
	//   "URL_FRAGMENT" - The attack comes from fuzzing the fragment in the
	// url.
	//   "HTML_COMMENT" - The attack comes from fuzzing the HTML comments.
	//   "POST_PARAMETERS" - The attack comes from fuzzing the POST
	// parameters.
	//   "PROTOCOL" - The attack comes from fuzzing the protocol.
	//   "STORED_XSS" - The attack comes from the server side and is stored.
	//   "SAME_ORIGIN" - The attack is a Same-Origin Method Execution attack
	// via a GET parameter.
	//   "USER_CONTROLLABLE_URL" - The attack payload is received from a
	// third-party host via a URL that is user-controllable
	AttackVector string `json:"attackVector,omitempty"`

	// ErrorMessage: An error message generated by a javascript breakage.
	ErrorMessage string `json:"errorMessage,omitempty"`

	// StackTraces: Stack traces leading to the point where the XSS
	// occurred.
	StackTraces []string `json:"stackTraces,omitempty"`

	// StoredXssSeedingUrl: The reproduction url for the seeding POST
	// request of a Stored XSS.
	StoredXssSeedingUrl string `json:"storedXssSeedingUrl,omitempty"`

	// ForceSendFields is a list of field names (e.g. "AttackVector") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "AttackVector") to include
	// in API requests with the JSON null value. By default, fields with
	// empty values are omitted from API requests. However, any field with
	// an empty value appearing in NullFields will be sent to the server as
	// null. It is an error if a field in this list has a non-empty value.
	// This may be used to include null fields in Patch requests.
	NullFields []string `json:"-"`
}

Xss: Information reported for an XSS.

func (*Xss) MarshalJSON

func (s *Xss) MarshalJSON() ([]byte, error)

type Xxe

type Xxe struct {
	// PayloadLocation: Location within the request where the payload was
	// placed.
	//
	// Possible values:
	//   "LOCATION_UNSPECIFIED" - Unknown Location.
	//   "COMPLETE_REQUEST_BODY" - The XML payload replaced the complete
	// request body.
	PayloadLocation string `json:"payloadLocation,omitempty"`

	// PayloadValue: The XML string that triggered the XXE vulnerability.
	// Non-payload values might be redacted.
	PayloadValue string `json:"payloadValue,omitempty"`

	// ForceSendFields is a list of field names (e.g. "PayloadLocation") to
	// unconditionally include in API requests. By default, fields with
	// empty or default values are omitted from API requests. However, any
	// non-pointer, non-interface field appearing in ForceSendFields will be
	// sent to the server regardless of whether the field is empty or not.
	// This may be used to include empty fields in Patch requests.
	ForceSendFields []string `json:"-"`

	// NullFields is a list of field names (e.g. "PayloadLocation") to
	// include in API requests with the JSON null value. By default, fields
	// with empty values are omitted from API requests. However, any field
	// with an empty value appearing in NullFields will be sent to the
	// server as null. It is an error if a field in this list has a
	// non-empty value. This may be used to include null fields in Patch
	// requests.
	NullFields []string `json:"-"`
}

Xxe: Information reported for an XXE.

func (*Xxe) MarshalJSON

func (s *Xxe) MarshalJSON() ([]byte, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL