Version 2.2.0
Les modifications suivantes ont été apportées dans cette version :
Changements majeurs :
Issue 717 : Scripts: support multiple scripts and embedding within ZAP components
Support de Mozilla Zest: https://developer.mozilla.org/en-US/docs/Zest
Support de Mozilla Plug-n-Hack : https://developer.mozilla.org/en-US/docs/Plug-n-Hack
Changements mineurs :
Issue 711 : Support scanning of XML requests
Issue 713 : Add CWE and WASC numbers to issues
Problème 719 : Points d'arrêt personnalisés avec plus d'options
Issue 738 : Options to hide tabs / windows
Issue 750 : Upgrade script console to support non textbased scripting languages
Issue 752 : Create a new root CA when first run
Problème 775 : Permettre au serveur d'être configuré par la ligne de commande
Bug Fixes:
Problème 555 : les panneaux Http s'ouvrent par défaut dans la vue hex
Issue 599 : The save session api does not allow to overwrite session already has same name
Issue 630 : URLCanonicalizer.getCanonicalURL produces URIs "half" decoded
Issue 631 : URLCanonicalizer.buildCleanedParametersURIRepresentation returns URIs in percent-encoded form and decoded
Issue 652 : Shutdown after a big scan takes too long (deleting ascan records)
Issue 655 : API encoding issues
Issue 665 : NullPointerException while proxying with a URI with an empty path component
Issue 666 : JSONException while calling an API action without the required parameter(s)
Issue 669 : Certificate algorithm constraints in Java 1.7
Issue 674 : Add HttpSessionAPI to ApiGeneratorUtils
Issue 685 : Add dummy file to "fuzzers" directory
Issue 686 : Log HttpException (as error) in the ProxyThread
Issue 687 : Change HTTP response header parser to be less strict
Issue 690 : Context Authentication URLs don't fail manual overwriting.
Issue 691 : Handle old plugins
Issue 692 : Report the version of java found by zap.sh
Issue 693 : Command line should show all options
Issue 694 : API UI fails on IE
Issue 695 : Sites tree doesnt clear on new session created by API
Issue 696 : Change "Ajax Spider" add-on options to use ZapNumberSpinner
Issue 697 : API action "proxy.pac" might return wrong domain/port
Issue 698 : Passive Scanner API view "recordsToScan" returns -1 after finish scanning the messages
Issue 699 : Fix HTML errors in the help pages
Issue 702 : Do not load newer add-on versions if they are not targeted for the running ZAP version
Issue 703 : Add-on ZAP version constraints "not-before-version" and "not-from-version" are not respected for already "installed" add-ons
Issue 706 : ZAP API doesn't parse correctly query parameters with "&" characters
Issue 710 : URLCanonicalizer.getCanonicalURL fails to correctly parse query parameters with "&" and "=" characters
Issue 712 : HttpSessions API action "setSessionTokenValue" should add the session token name to the site's session tokens
Issue 720 : Cannot send non standard http methods
Issue 721 : Non POST and PUT requests receive a 504 when server expects a request body
Issue 724 : Do not clone the alert's message that will be shown in message panels
Issue 725 : Clear alert's panel fields
Issue 726 : Catch active scanner variants' exceptions
Issue 727 : Name of automatically created HTTP sessions is always in English
Issue 728 : Allow to create a session with a given name through the HttpSessions API
Issue 729 : Update NTLM authentication code
Issue 730 : MissingResourceException while selecting a disabled extension (from an add-on) in the "Extensions" options panel
Issue 731 : MissingResourceException with ExtensionFuzz enabled and ExtensionBruteForce disabled
Issue 736 : Change add-on class loading strategy to parent-last
Issue 737 : Restore "Ajax spider" add-on dependencies
Issue 756 : Allow Context Panels intercommunication
Issue 763 : XML report empty when used in daemon mode
Issue 764 : HTTP fuzz results dont support right click menus
Issue 766 : Searching fuzz results doesnt include the header
Issue 767 : HTTP Session API could be less strict
Issue 772 : Restructuring of Saving/Loading Context Data
Issue 774 : Build doesnt include scripts directory
Issue 776 : Allow add-ons to warn user if they're closing ZAP with unsaved resources open
Issue 777 : Unable to cancel changes when using Include in/Exclude from Context
Problème 782 : NoSuchMethodError en cas d'exclusion d'une URL d'un canal WebSocket du context
Problème 785 : changer zap.sh pour supporter java 1.8
Problème 786 : un élément du menu de session snapshot ne fonctionne pas
Voir aussi
|
Introduction | l'introduction de ZAP
|
|
Releases | l'ensemble complet des releases
|
|
Crédits | les personnes et les groupes qui ont rendu cette release possible
|