Types for Google Cloud Websecurityscanner v1alpha API
- class google.cloud.websecurityscanner_v1alpha.types.CrawledUrl(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
A CrawledUrl resource represents a URL that was crawled during a ScanRun. Web Security Scanner Service crawls the web applications, following all links within the scope of sites, to find the URLs to test against.
- http_method
Output only. The http method of the request that was used to visit the URL, in uppercase.
- Type
- class google.cloud.websecurityscanner_v1alpha.types.CreateScanConfigRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the CreateScanConfig method.
- parent
Required. The parent resource name where the scan is created, which should be a project resource name in the format ‘projects/{projectId}’.
- Type
- scan_config
Required. The ScanConfig to be created.
- class google.cloud.websecurityscanner_v1alpha.types.DeleteScanConfigRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the DeleteScanConfig method.
- class google.cloud.websecurityscanner_v1alpha.types.Finding(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
A Finding resource represents a vulnerability instance identified during a ScanRun.
- name
The resource name of the Finding. The name follows the format of ‘projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}’. The finding IDs are generated by the system.
- Type
- finding_type
The type of the Finding.
- http_method
The http method of the request that triggered the vulnerability, in uppercase.
- Type
- fuzzed_url
The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
- Type
- reproduction_url
The URL containing a human-readable payload that the user can leverage to reproduce the vulnerability.
- Type
- frame_url
If the vulnerability originated from a nested IFrame, the immediate parent IFrame is reported.
- Type
- tracking_id
The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
- Type
- outdated_library
An addon containing information about outdated libraries.
- violating_resource
An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
- vulnerable_headers
An addon containing information about vulnerable or missing HTTP headers.
- vulnerable_parameters
An addon containing information about request parameters which were found to be vulnerable.
- xss
An addon containing information reported for an XSS, if any.
- class FindingType(value)
Bases: proto.enums.Enum
Types of Findings.
- Values:
- FINDING_TYPE_UNSPECIFIED (0):
The invalid finding type.
- MIXED_CONTENT (1):
A page that was served over HTTPS also loads resources over HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and gain full access to the website that loads the resource, or monitor the actions taken by the user.
- OUTDATED_LIBRARY (2):
The version of an included library is known to contain a security issue. The scanner checks the version of library in use against a known list of vulnerable libraries. False positives are possible if the version detection fails or if the library has been manually patched.
- ROSETTA_FLASH (5):
This type of vulnerability occurs when the value of a request parameter is reflected at the beginning of the response, for example, in requests using JSONP. Under certain circumstances, an attacker may be able to supply an alphanumeric-only Flash file in the vulnerable parameter causing the browser to execute the Flash file as if it originated on the vulnerable server.
- XSS_CALLBACK (3):
A cross-site scripting (XSS) bug is found via JavaScript callback. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
- XSS_ERROR (4):
A potential cross-site scripting (XSS) bug due to JavaScript breakage. In some circumstances, the application under test might modify the test string before it is parsed by the browser. When the browser attempts to run this modified test string, it will likely break and throw a JavaScript execution error, which indicates that an injection issue is occurring. However, it may not be exploitable. Manual verification is needed to see if the test string modifications can be evaded and confirm that the issue is in fact an XSS vulnerability. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
- CLEAR_TEXT_PASSWORD (6):
An application appears to be transmitting a password field in clear text. An attacker can eavesdrop network traffic and sniff the password field.
- INVALID_CONTENT_TYPE (7):
An application returns sensitive content with an invalid content type, or without an ‘X-Content-Type-Options: nosniff’ header.
- XSS_ANGULAR_CALLBACK (8):
A cross-site scripting (XSS) vulnerability in AngularJS module that occurs when a user-provided string is interpolated by Angular.
- INVALID_HEADER (9):
A malformed or invalid valued header.
- MISSPELLED_SECURITY_HEADER_NAME (10):
Misspelled security header name.
- MISMATCHING_SECURITY_HEADER_VALUES (11):
Mismatching values in a duplicate security header.
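Added example (not part of the library or its documentation): tracking_id is the field that lets findings be compared between ScanRuns, and the FindingType descriptions above single out OUTDATED_LIBRARY and XSS_ERROR as results that may need human confirmation. The sketch below uses plain dicts in place of Finding messages; the sample runs, the function names and the NEEDS_MANUAL_REVIEW set are assumptions made for illustration.

```python
# Added example: plain dicts stand in for Finding messages; every value is constructed.
# Types whose descriptions on this page say the result may be a false positive
# (OUTDATED_LIBRARY) or needs manual verification (XSS_ERROR).
NEEDS_MANUAL_REVIEW = {"OUTDATED_LIBRARY", "XSS_ERROR"}

RUN_1 = [
    {"tracking_id": "t-001", "finding_type": "XSS_CALLBACK", "http_method": "GET"},
    {"tracking_id": "t-002", "finding_type": "MIXED_CONTENT", "http_method": "GET"},
    {"tracking_id": "t-003", "finding_type": "OUTDATED_LIBRARY", "http_method": "GET"},
]
RUN_2 = [
    {"tracking_id": "t-002", "finding_type": "MIXED_CONTENT", "http_method": "GET"},
    {"tracking_id": "t-003", "finding_type": "OUTDATED_LIBRARY", "http_method": "GET"},
    {"tracking_id": "t-004", "finding_type": "XSS_ERROR", "http_method": "POST"},
]


def diff_runs(previous, current):
    """Classify findings by tracking_id, which is stable across ScanRuns."""
    prev = {f["tracking_id"] for f in previous}
    curr = {f["tracking_id"] for f in current}
    return {
        "new": sorted(curr - prev),
        # Absent from the later run: fixed, or the URL was not reached this time.
        "not_seen": sorted(prev - curr),
        "persisting": sorted(curr & prev),
    }


def triage(findings):
    """Split findings into (actionable, needs_review) tracking-ID lists."""
    actionable, needs_review = [], []
    for f in findings:
        bucket = needs_review if f["finding_type"] in NEEDS_MANUAL_REVIEW else actionable
        bucket.append(f["tracking_id"])
    return actionable, needs_review


if __name__ == "__main__":
    print(diff_runs(RUN_1, RUN_2))
    print(triage(RUN_2))
```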
- class google.cloud.websecurityscanner_v1alpha.types.FindingTypeStats(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
A FindingTypeStats resource represents stats regarding a specific FindingType of Findings under a given ScanRun.
- finding_type
The finding type associated with the stats.
- class google.cloud.websecurityscanner_v1alpha.types.GetFindingRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the GetFinding method.
- class google.cloud.websecurityscanner_v1alpha.types.GetScanConfigRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the GetScanConfig method.
- class google.cloud.websecurityscanner_v1alpha.types.GetScanRunRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the GetScanRun method.
- class google.cloud.websecurityscanner_v1alpha.types.ListCrawledUrlsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the ListCrawledUrls method.
- parent
Required. The parent resource name, which should be a scan run resource name in the format ‘projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}’.
- Type
- page_token
A token identifying a page of results to be returned. This should be a next_page_token value returned from a previous List request. If unspecified, the first page of results is returned.
- Type
- class google.cloud.websecurityscanner_v1alpha.types.ListCrawledUrlsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Response for the ListCrawledUrls method.
- crawled_urls
The list of CrawledUrls returned.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.CrawledUrl]
- class google.cloud.websecurityscanner_v1alpha.types.ListFindingTypeStatsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the ListFindingTypeStats method.
- class google.cloud.websecurityscanner_v1alpha.types.ListFindingTypeStatsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Response for the ListFindingTypeStats method.
- finding_type_stats
The list of FindingTypeStats returned.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.FindingTypeStats]
- class google.cloud.websecurityscanner_v1alpha.types.ListFindingsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the ListFindings method.
- parent
Required. The parent resource name, which should be a scan run resource name in the format ‘projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}’.
- Type
- filter
Required. The filter expression. The expression must be in the format: . Supported field: ‘finding_type’. Supported operator: ‘=’.
- Type
- page_token
A token identifying a page of results to be returned. This should be a next_page_token value returned from a previous List request. If unspecified, the first page of results is returned.
- Type
- class google.cloud.websecurityscanner_v1alpha.types.ListFindingsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Response for the ListFindings method.
- findings
The list of Findings returned.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.Finding]
- class google.cloud.websecurityscanner_v1alpha.types.ListScanConfigsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the ListScanConfigs method.
- parent
Required. The parent resource name, which should be a project resource name in the format ‘projects/{projectId}’.
- Type
- page_token
A token identifying a page of results to be returned. This should be a next_page_token value returned from a previous List request. If unspecified, the first page of results is returned.
- Type
- class google.cloud.websecurityscanner_v1alpha.types.ListScanConfigsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Response for the ListScanConfigs method.
- scan_configs
The list of ScanConfigs returned.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.ScanConfig]
- class google.cloud.websecurityscanner_v1alpha.types.ListScanRunsRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the ListScanRuns method.
- parent
Required. The parent resource name, which should be a scan resource name in the format ‘projects/{projectId}/scanConfigs/{scanConfigId}’.
- Type
- page_token
A token identifying a page of results to be returned. This should be a next_page_token value returned from a previous List request. If unspecified, the first page of results is returned.
- Type
- class google.cloud.websecurityscanner_v1alpha.types.ListScanRunsResponse(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Response for the ListScanRuns method.
- scan_runs
The list of ScanRuns returned.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.ScanRun]
- class google.cloud.websecurityscanner_v1alpha.types.OutdatedLibrary(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Information reported for an outdated library.
- class google.cloud.websecurityscanner_v1alpha.types.ScanConfig(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
A ScanConfig resource contains the configurations to launch a scan. next id: 12
- name
The resource name of the ScanConfig. The name follows the format of ‘projects/{projectId}/scanConfigs/{scanConfigId}’. The ScanConfig IDs are generated by the system.
- Type
- max_qps
The maximum QPS during scanning. A valid value ranges from 5 to 20 inclusively. If the field is unspecified or its value is set to 0, the server will default to 15. Other values outside of the [5, 20] range will be rejected with an INVALID_ARGUMENT error.
- Type
- starting_urls
Required. The starting URLs from which the scanner finds site pages.
- Type
MutableSequence[str]
- authentication
The authentication configuration. If specified, service will use the authentication configuration during scanning.
- user_agent
The user agent used during scanning.
- blacklist_patterns
The blacklist URL patterns as described in https://cloud.google.com/security-scanner/docs/excluded-urls
- Type
MutableSequence[str]
- schedule
The schedule of the ScanConfig.
- target_platforms
Set of Cloud Platforms targeted by the scan. If empty, APP_ENGINE will be used as a default.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.ScanConfig.TargetPlatform]
- latest_run
Latest ScanRun if available.
- class Authentication(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Scan authentication configuration.
This message has oneof fields (mutually exclusive fields). For each oneof, at most one member field can be set at the same time. Setting any member of the oneof automatically clears all other members.
- google_account
Authentication using a Google account.
This field is a member of oneof authentication.
- custom_account
Authentication using a custom account.
This field is a member of oneof authentication.
- class CustomAccount(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Describes authentication configuration that uses a custom account.
- password
Required. Input only. The password of the custom account. The credential is stored encrypted and not returned in any response nor included in audit logs.
- Type
- class GoogleAccount(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Describes authentication configuration that uses a Google account.
- class Schedule(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Scan schedule configuration.
- schedule_time
A timestamp indicates when the next run will be scheduled. The value is refreshed by the server after each run. If unspecified, it will default to current server time, which means the scan will be scheduled to start immediately.
- class TargetPlatform(value)
Bases: proto.enums.Enum
Cloud platforms supported by Cloud Web Security Scanner.
- Values:
- TARGET_PLATFORM_UNSPECIFIED (0):
The target platform is unknown. Requests with this enum value will be rejected with INVALID_ARGUMENT error.
- APP_ENGINE (1):
Google App Engine service.
- COMPUTE (2):
Google Compute Engine service.
- class UserAgent(value)
Bases: proto.enums.Enum
Type of user agents used for scanning.
- Values:
- USER_AGENT_UNSPECIFIED (0):
The user agent is unknown. Service will default to CHROME_LINUX.
- CHROME_LINUX (1):
Chrome on Linux. This is the service default if unspecified.
- CHROME_ANDROID (2):
Chrome on Android.
- SAFARI_IPHONE (3):
Safari on iPhone.
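Added example (not part of the library or its documentation): a local pre-flight check that applies the ScanConfig rules stated above (the parent format, the required starting_urls, the max_qps range and default, the rejected TARGET_PLATFORM_UNSPECIFIED value, the APP_ENGINE and CHROME_LINUX defaults, and the authentication oneof) to a plain dict before it is sent. The function name, the dict layout and the sample inputs are assumptions made for illustration.

```python
import re

# Added example: mirrors the constraints documented on this page for plain dicts.
PARENT_RE = re.compile(r"^projects/[^/]+$")


def preflight(parent, cfg):
    """Return (errors, effective) for a ScanConfig-shaped dict.

    `effective` holds the values the page says the server falls back to.
    """
    errors, effective = [], {}

    if not PARENT_RE.match(parent):
        errors.append("parent must look like projects/{projectId}")
    if not cfg.get("starting_urls"):
        errors.append("starting_urls is required")

    qps = cfg.get("max_qps", 0)
    if qps == 0:
        effective["max_qps"] = 15  # documented server default
    elif 5 <= qps <= 20:
        effective["max_qps"] = qps
    else:
        errors.append(f"max_qps={qps} is outside [5, 20] (INVALID_ARGUMENT)")

    platforms = cfg.get("target_platforms") or ["APP_ENGINE"]
    if "TARGET_PLATFORM_UNSPECIFIED" in platforms:
        errors.append("TARGET_PLATFORM_UNSPECIFIED is rejected (INVALID_ARGUMENT)")
    effective["target_platforms"] = platforms

    ua = cfg.get("user_agent", "USER_AGENT_UNSPECIFIED")
    effective["user_agent"] = "CHROME_LINUX" if ua == "USER_AGENT_UNSPECIFIED" else ua

    # `authentication` is a oneof: a dict carrying both members is ambiguous,
    # because on the real message setting one member clears the other.
    auth = cfg.get("authentication", {})
    if "google_account" in auth and "custom_account" in auth:
        errors.append("authentication is a oneof: set google_account or custom_account")

    return errors, effective


# Constructed sample inputs.
GOOD = {"starting_urls": ["https://app.example.test/"], "max_qps": 0}
BAD = {"starting_urls": [], "max_qps": 50,
       "target_platforms": ["TARGET_PLATFORM_UNSPECIFIED"],
       "authentication": {"google_account": {}, "custom_account": {}}}
```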
- class google.cloud.websecurityscanner_v1alpha.types.ScanRun(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
A ScanRun is an output-only resource representing an actual run of the scan.
- name
The resource name of the ScanRun. The name follows the format of ‘projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}’. The ScanRun IDs are generated by the system.
- Type
- execution_state
The execution state of the ScanRun.
- result_state
The result state of the ScanRun. This field is only available after the execution state reaches “FINISHED”.
- start_time
The time at which the ScanRun started.
- end_time
The time at which the ScanRun reached termination state - that the ScanRun is either finished or stopped by user.
- urls_crawled_count
The number of URLs crawled during this ScanRun. If the scan is in progress, the value represents the number of URLs crawled up to now.
- Type
- urls_tested_count
The number of URLs tested during this ScanRun. If the scan is in progress, the value represents the number of URLs tested up to now. The number of URLs tested is usually larger than the number of URLs crawled because typically a crawled URL is tested with multiple test payloads.
- Type
- progress_percent
The percentage of total completion ranging from 0 to 100. If the scan is in queue, the value is 0. If the scan is running, the value ranges from 0 to 100. If the scan is finished, the value is 100.
- Type
- class ExecutionState(value)
Bases: proto.enums.Enum
Types of ScanRun execution state.
- Values:
- EXECUTION_STATE_UNSPECIFIED (0):
Represents an invalid state caused by internal server error. This value should never be returned.
- QUEUED (1):
The scan is waiting in the queue.
- SCANNING (2):
The scan is in progress.
- FINISHED (3):
The scan is either finished or stopped by user.
- class ResultState(value)
Bases: proto.enums.Enum
Types of ScanRun result state.
- Values:
- RESULT_STATE_UNSPECIFIED (0):
Default value. This value is returned when the ScanRun is not yet finished.
- SUCCESS (1):
The scan finished without errors.
- ERROR (2):
The scan finished with errors.
- KILLED (3):
The scan was terminated by user.
- class google.cloud.websecurityscanner_v1alpha.types.StartScanRunRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the StartScanRun method.
- class google.cloud.websecurityscanner_v1alpha.types.StopScanRunRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the StopScanRun method.
- class google.cloud.websecurityscanner_v1alpha.types.UpdateScanConfigRequest(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Request for the UpdateScanConfigRequest method.
- scan_config
Required. The ScanConfig to be updated. The name field must be set to identify the resource to be updated. The values of fields not covered by the mask will be ignored.
- update_mask
Required. The update mask applies to the resource. For the FieldMask definition, see https://developers.google.com/protocol-buffers/docs/reference/google.protobuf#fieldmask
- class google.cloud.websecurityscanner_v1alpha.types.ViolatingResource(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
- class google.cloud.websecurityscanner_v1alpha.types.VulnerableHeaders(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Information about vulnerable or missing HTTP Headers.
- headers
List of vulnerable headers.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.VulnerableHeaders.Header]
- missing_headers
List of missing headers.
- Type
MutableSequence[google.cloud.websecurityscanner_v1alpha.types.VulnerableHeaders.Header]
- class google.cloud.websecurityscanner_v1alpha.types.VulnerableParameters(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Information about vulnerable request parameters.
- class google.cloud.websecurityscanner_v1alpha.types.Xss(mapping=None, *, ignore_unknown_fields=False, **kwargs)
Bases: proto.message.Message
Information reported for an XSS.