search

zaproxy / zaproxy

The ZAP core project
https://www.zaproxy.org
Apache License 2.0
12.21k stars 2.21k forks source link

The default view of opening fuzzer window, can not add locations #8492

Closed wallenZhao2046 closed 1 month ago

wallenZhao2046 commented 1 month ago

Describe the bug

When open fuzzer window, the default view can not add locations, the add button in fuzzer location dialog is disabled. You have to click the combination to display Header and body button, then the add button in fuzzer location dialog will be enabled. For first-time users of Fuzzer, it can be confusing as to why the inability to set a location causes the Fuzzer to be unusable.

The default view, the add button is disabled image

Clicked to display header and body button, the add button is enabled image

Steps to reproduce the behavior

  1. From the site list, select the HTTP request you want to fuzz test. Right-click and select Attack ⇒ "Send to Fuzzer".
  2. In the fuzzer window, you will see this bug

Expected behavior

expect the add button in fuzzer location dialog is enabled. Or the default view is the combination to display Header and body.

Software versions

Zap version 2.15.0

Screenshots

No response

Errors from the zap.log file

No response

Additional context

No response

Would you like to help fix this issue?

kingthorin commented 1 month ago

I believe that's by design.

How would ZAP know where you want the payload added?

🤪 As far as I know we don't have any neural input options 🤪

If there's a bug it's actually that position 0 in the header is selected when changing views.

thc202 commented 1 month ago

That's not a bug either.

kingthorin commented 1 month ago

Please let us know if you feel something is outstanding here.