exim: Fix Sites Tree export #6232
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1 task
thc202
changed the title
kingthorin
reviewed
Feb 27, 2025
addOns/exim/src/main/java/org/zaproxy/addon/exim/sites/SitesTreeHandler.java
Outdated
Show resolved
Hide resolved
|
Great job, no security vulnerabilities found in this Pull Request |
tenaz3
force-pushed
the
exim-export-malformed-yaml
branch
from
0181958 to
7aaba7d
Compare
kingthorin
reviewed
Mar 7, 2025
addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java
Outdated
Show resolved
Hide resolved
tenaz3
force-pushed
the
exim-export-malformed-yaml
branch
from
7aaba7d to
615db38
Compare
thc202
reviewed
Mar 12, 2025
addOns/exim/src/test/java/org/zaproxy/addon/exim/sites/SiteTreeHandlerUnitTest.java
Outdated
Show resolved
Hide resolved
|
The proposed fix seems overly complex/convoluted, IMO it would be better to just use a higher-level library instead (like we do in other places of the codebase). |
@thc202 can you point me out where I can find those examples? Which library? I could adapt the pr. |
|
Any that uses |
@thc202 I applied the change in another commit to be easy to check. Let me know what do you think. That also had a correct yml for one of my targets |
Signed-off-by: Nilson Magalhaes Junior <[email protected]>
tenaz3
force-pushed
the
exim-export-malformed-yaml
branch
from
1ed7b29 to
c8d4e0d
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
ZAP Exim Add-on: Fix for Node Names with Newlines and Special Characters
Purpose
To fix an issue in the ZAP (Zed Attack Proxy) exim add-on where the Sites Tree export functionality was not correctly handling node names that contain newlines and special characters. This caused problems when exporting and then importing site trees with complex node names.
Goals
Ensure proper preservation of newlines and special characters in node names during export/import
Changes Made
YAML Configuration Improvement:
Modified the YAML configuration in SitesTreeHandler.java to use LITERAL scalar style instead of DOUBLE_QUOTED
Created a shared createYaml() method for consistent YAML configuration between export and import operations
Deeply nested paths
Node names with special characters and spaces
Long URLs with encoded characters
Various HTTP methods and response codes
Related Issues
Fixes zaproxy/zaproxy#8858
Checklist
./gradlew spotlessApplyfor code formattingFor more details, please refer to the developer rules and guidelines.