Reference documentation and code samples for the Google Cloud Web Security Scanner V1 Client class Finding.
A Finding resource represents a vulnerability instance identified during a ScanRun.
Generated from protobuf message google.cloud.websecurityscanner.v1.Finding
Namespace
Google \ Cloud \ WebSecurityScanner \ V1Methods
__construct
Constructor.
Parameters | |
---|---|
Name | Description |
data |
array
Optional. Data for populating the Message object. |
↳ name |
string
Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system. |
↳ finding_type |
string
Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings |
↳ severity |
int
Output only. The severity level of the reported vulnerability. |
↳ http_method |
string
Output only. The http method of the request that triggered the vulnerability, in uppercase. |
↳ fuzzed_url |
string
Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. |
↳ body |
string
Output only. The body of the request that triggered the vulnerability. |
↳ description |
string
Output only. The description of the vulnerability. |
↳ reproduction_url |
string
Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability. |
↳ frame_url |
string
Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. |
↳ final_url |
string
Output only. The URL where the browser lands when the vulnerability is detected. |
↳ tracking_id |
string
Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. |
↳ form |
Form
Output only. An addon containing information reported for a vulnerability with an HTML form, if any. |
↳ outdated_library |
OutdatedLibrary
Output only. An addon containing information about outdated libraries. |
↳ violating_resource |
ViolatingResource
Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. |
↳ vulnerable_headers |
VulnerableHeaders
Output only. An addon containing information about vulnerable or missing HTTP headers. |
↳ vulnerable_parameters |
VulnerableParameters
Output only. An addon containing information about request parameters which were found to be vulnerable. |
↳ xss |
Xss
Output only. An addon containing information reported for an XSS, if any. |
↳ xxe |
Xxe
Output only. An addon containing information reported for an XXE, if any. |
getName
Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
The finding IDs are generated by the system.
Returns | |
---|---|
Type | Description |
string |
setName
Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.
The finding IDs are generated by the system.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFindingType
Output only. The type of the Finding.
Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
Returns | |
---|---|
Type | Description |
string |
setFindingType
Output only. The type of the Finding.
Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getSeverity
Output only. The severity level of the reported vulnerability.
Returns | |
---|---|
Type | Description |
int |
setSeverity
Output only. The severity level of the reported vulnerability.
Parameter | |
---|---|
Name | Description |
var |
int
|
Returns | |
---|---|
Type | Description |
$this |
getHttpMethod
Output only. The http method of the request that triggered the vulnerability, in uppercase.
Returns | |
---|---|
Type | Description |
string |
setHttpMethod
Output only. The http method of the request that triggered the vulnerability, in uppercase.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFuzzedUrl
Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
Returns | |
---|---|
Type | Description |
string |
setFuzzedUrl
Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getBody
Output only. The body of the request that triggered the vulnerability.
Returns | |
---|---|
Type | Description |
string |
setBody
Output only. The body of the request that triggered the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getDescription
Output only. The description of the vulnerability.
Returns | |
---|---|
Type | Description |
string |
setDescription
Output only. The description of the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getReproductionUrl
Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
Returns | |
---|---|
Type | Description |
string |
setReproductionUrl
Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFrameUrl
Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
Returns | |
---|---|
Type | Description |
string |
setFrameUrl
Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getFinalUrl
Output only. The URL where the browser lands when the vulnerability is detected.
Returns | |
---|---|
Type | Description |
string |
setFinalUrl
Output only. The URL where the browser lands when the vulnerability is detected.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getTrackingId
Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
Returns | |
---|---|
Type | Description |
string |
setTrackingId
Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.
Parameter | |
---|---|
Name | Description |
var |
string
|
Returns | |
---|---|
Type | Description |
$this |
getForm
Output only. An addon containing information reported for a vulnerability with an HTML form, if any.
Returns | |
---|---|
Type | Description |
Form|null |
hasForm
clearForm
setForm
Output only. An addon containing information reported for a vulnerability with an HTML form, if any.
Parameter | |
---|---|
Name | Description |
var |
Form
|
Returns | |
---|---|
Type | Description |
$this |
getOutdatedLibrary
Output only. An addon containing information about outdated libraries.
Returns | |
---|---|
Type | Description |
OutdatedLibrary|null |
hasOutdatedLibrary
clearOutdatedLibrary
setOutdatedLibrary
Output only. An addon containing information about outdated libraries.
Parameter | |
---|---|
Name | Description |
var |
OutdatedLibrary
|
Returns | |
---|---|
Type | Description |
$this |
getViolatingResource
Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
Returns | |
---|---|
Type | Description |
ViolatingResource|null |
hasViolatingResource
clearViolatingResource
setViolatingResource
Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.
Parameter | |
---|---|
Name | Description |
var |
ViolatingResource
|
Returns | |
---|---|
Type | Description |
$this |
getVulnerableHeaders
Output only. An addon containing information about vulnerable or missing HTTP headers.
Returns | |
---|---|
Type | Description |
VulnerableHeaders|null |
hasVulnerableHeaders
clearVulnerableHeaders
setVulnerableHeaders
Output only. An addon containing information about vulnerable or missing HTTP headers.
Parameter | |
---|---|
Name | Description |
var |
VulnerableHeaders
|
Returns | |
---|---|
Type | Description |
$this |
getVulnerableParameters
Output only. An addon containing information about request parameters which were found to be vulnerable.
Returns | |
---|---|
Type | Description |
VulnerableParameters|null |
hasVulnerableParameters
clearVulnerableParameters
setVulnerableParameters
Output only. An addon containing information about request parameters which were found to be vulnerable.
Parameter | |
---|---|
Name | Description |
var |
VulnerableParameters
|
Returns | |
---|---|
Type | Description |
$this |
getXss
Output only. An addon containing information reported for an XSS, if any.
Returns | |
---|---|
Type | Description |
Xss|null |
hasXss
clearXss
setXss
Output only. An addon containing information reported for an XSS, if any.
Parameter | |
---|---|
Name | Description |
var |
Xss
|
Returns | |
---|---|
Type | Description |
$this |
getXxe
Output only. An addon containing information reported for an XXE, if any.
Returns | |
---|---|
Type | Description |
Xxe|null |
hasXxe
clearXxe
setXxe
Output only. An addon containing information reported for an XXE, if any.
Parameter | |
---|---|
Name | Description |
var |
Xxe
|
Returns | |
---|---|
Type | Description |
$this |