Closed GoogleCodeExporter closed 9 years ago
What form of authentication and session management are you using?
Can you provide a suitably sanitized version of the exported Context?
Original comment by psii...@gmail.com
on 11 Mar 2015 at 1:52
1. Authentication is Form Based and Session mgmt is cookie based
2. While I recorded request became as
"name=vin3%40mailinator.com&pass=123456&form_build_id=form-xxxxxxx&form_id=user_
login&captcha_sid=xxxxxx&captcha_token=xxxxxxxxxcaptcha_response=xxxxx&op=Log+in
"
and I added a user with different credentials let say my email id.
and when U run Advanced active scan I exepect that request should contain new
added user's login , but it has old one only
Original comment by kumarnip...@gmail.com
on 11 Mar 2015 at 4:40
I think I got things working.
I am able to see selected user name in Responses of other URLs or Page.
Does it mean BODY of request for Login will not contain new user credentials
but response will?
If it is so, plz confirm
Original comment by kumarnip...@gmail.com
on 12 Mar 2015 at 11:31
ZAP has been migrated to github
This issue will be on github issues with the same ID:
https://github.com/zaproxy/zaproxy/issues
Original comment by psii...@gmail.com
on 5 Jun 2015 at 9:18
Original issue reported on code.google.com by
kumarnip...@gmail.com
on 11 Mar 2015 at 1:02