search

zaproxy / zaproxy

The ZAP core project
https://www.zaproxy.org
Apache License 2.0
12.21k stars 2.21k forks source link

Unable to generate the report #8504

Closed bawejaVanshita closed 4 weeks ago

bawejaVanshita commented 4 weeks ago

Describe the bug

tried to download json report and got the error(attached the screenshot of error) image

Steps to reproduce the behavior

  1. Started the scan using Manual Explore.
  2. Performed spidering
  3. performed Active scan then.
  4. After completion of active scan, go to report option.
  5. click generate report
  6. choose the "traditional json report" template .

Expected behavior

Should download the json report

Software versions

Software version- 2.15.0 Report Generation add on - 0.32.0 checked the updates, no update available

Screenshots

No response

Errors from the zap.log file

Stack Trace ``` 2024-05-29 15:57:03,036 [AWT-EventQueue-0] ERROR ReportDialog - Failed to generate a report using template Traditional JSON Report org.thymeleaf.exceptions.TemplateProcessingException: Exception evaluating OGNL expression: "helper.legacyEscapeText(instance.param, true)" (template: "C:\Users\qwerty\ZAP\reports\traditional-json\report.json" - line 25, col 20) at org.thymeleaf.standard.expression.OGNLVariableExpressionEvaluator.evaluate(OGNLVariableExpressionEvaluator.java:199) ~[?:?] at org.thymeleaf.standard.expression.OGNLVariableExpressionEvaluator.evaluate(OGNLVariableExpressionEvaluator.java:104) ~[?:?] at org.thymeleaf.standard.expression.VariableExpression.executeVariableExpression(VariableExpression.java:166) ~[?:?] at org.thymeleaf.standard.expression.SimpleExpression.executeSimple(SimpleExpression.java:66) ~[?:?] at org.thymeleaf.standard.expression.Expression.execute(Expression.java:109) ~[?:?] at org.thymeleaf.standard.expression.Expression.execute(Expression.java:138) ~[?:?] at org.thymeleaf.standard.processor.StandardUtextTagProcessor.doProcess(StandardUtextTagProcessor.java:87) ~[?:?] at org.thymeleaf.processor.element.AbstractAttributeTagProcessor.doProcess(AbstractAttributeTagProcessor.java:74) ~[?:?] at org.thymeleaf.processor.element.AbstractElementTagProcessor.process(AbstractElementTagProcessor.java:95) ~[?:?] at org.thymeleaf.util.ProcessorConfigurationUtils$ElementTagProcessorWrapper.process(ProcessorConfigurationUtils.java:633) ~[?:?] at org.thymeleaf.engine.ProcessorTemplateHandler.handleOpenElement(ProcessorTemplateHandler.java:1314) ~[?:?] at org.thymeleaf.engine.OpenElementTag.beHandled(OpenElementTag.java:205) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:282) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:290) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:368) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:222) ~[?:?] at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640) ~[?:?] at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:282) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:290) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:368) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:222) ~[?:?] at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640) ~[?:?] at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:282) ~[?:?] at org.thymeleaf.engine.Model.process(Model.java:290) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.processIterationModel(IteratedGatheringModelProcessable.java:368) ~[?:?] at org.thymeleaf.engine.IteratedGatheringModelProcessable.process(IteratedGatheringModelProcessable.java:222) ~[?:?] at org.thymeleaf.engine.ProcessorTemplateHandler.handleCloseElement(ProcessorTemplateHandler.java:1640) ~[?:?] at org.thymeleaf.engine.CloseElementTag.beHandled(CloseElementTag.java:139) ~[?:?] at org.thymeleaf.engine.TemplateModel.process(TemplateModel.java:136) ~[?:?] at org.thymeleaf.engine.TemplateManager.parseAndProcess(TemplateManager.java:661) ~[?:?] at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1103) ~[?:?] at org.thymeleaf.TemplateEngine.process(TemplateEngine.java:1072) ~[?:?] at org.zaproxy.addon.reports.ExtensionReports.generateReport(ExtensionReports.java:437) ~[?:?] at org.zaproxy.addon.reports.ReportDialog.save(ReportDialog.java:502) ~[?:?] at org.zaproxy.zap.view.StandardFieldsDialog.savePressed(StandardFieldsDialog.java:428) ~[zap-2.15.0.jar:2.15.0] at org.zaproxy.zap.view.StandardFieldsDialog$3.actionPerformed(StandardFieldsDialog.java:411) ~[zap-2.15.0.jar:2.15.0] at javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1972) ~[?:?] at javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2313) ~[?:?] at javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:405) ~[?:?] at javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:262) ~[?:?] at javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:279) ~[?:?] at java.awt.Component.processMouseEvent(Component.java:6620) ~[?:?] at javax.swing.JComponent.processMouseEvent(JComponent.java:3398) ~[?:?] at java.awt.Component.processEvent(Component.java:6385) ~[?:?] at java.awt.Container.processEvent(Container.java:2266) ~[?:?] at java.awt.Component.dispatchEventImpl(Component.java:4995) ~[?:?] at java.awt.Container.dispatchEventImpl(Container.java:2324) ~[?:?] at java.awt.Component.dispatchEvent(Component.java:4827) ~[?:?] at java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4948) ~[?:?] at java.awt.LightweightDispatcher.processMouseEvent(Container.java:4575) ~[?:?] at java.awt.LightweightDispatcher.dispatchEvent(Container.java:4516) ~[?:?] at java.awt.Container.dispatchEventImpl(Container.java:2310) ~[?:?] at java.awt.Window.dispatchEventImpl(Window.java:2780) ~[?:?] at java.awt.Component.dispatchEvent(Component.java:4827) ~[?:?] at java.awt.EventQueue.dispatchEventImpl(EventQueue.java:775) ~[?:?] at java.awt.EventQueue$4.run(EventQueue.java:720) ~[?:?] at java.awt.EventQueue$4.run(EventQueue.java:714) ~[?:?] at java.security.AccessController.doPrivileged(AccessController.java:399) [?:?] at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86) ~[?:?] at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:97) ~[?:?] at java.awt.EventQueue$5.run(EventQueue.java:747) ~[?:?] at java.awt.EventQueue$5.run(EventQueue.java:745) ~[?:?] at java.security.AccessController.doPrivileged(AccessController.java:399) [?:?] at java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:86) [?:?] at java.awt.EventQueue.dispatchEvent(EventQueue.java:744) [?:?] at java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203) [?:?] at java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124) [?:?] at java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113) [?:?] at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109) [?:?] at java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101) [?:?] at java.awt.EventDispatchThread.run(EventDispatchThread.java:90) [?:?] Caused by: org.thymeleaf.exceptions.TemplateProcessingException: Instantiation of new objects and access to static classes or parameters is forbidden in this context at org.thymeleaf.standard.expression.OGNLVariableExpressionEvaluator.obtainComputedOGNLExpression(OGNLVariableExpressionEvaluator.java:221) ~[?:?] at org.thymeleaf.standard.expression.OGNLVariableExpressionEvaluator.evaluate(OGNLVariableExpressionEvaluator.java:132) ~[?:?] ... 72 more ```

Additional context

No response

Would you like to help fix this issue?

kingthorin commented 4 weeks ago

Would you be able to provide the session that leads to the error?

thc202 commented 4 weeks ago

This is a duplicate of #7993. To fix/workaround delete the file mentioned in the error and restart ZAP.

kingthorin commented 4 weeks ago

Should we create an FAQ?

thc202 commented 4 weeks ago

Better to fix the issue (now added to the current milestone).