Close httplib2 connections.
Gets a Finding.
list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)
List Findings under a given ScanRun.
list_next(previous_request, previous_response)
Retrieves the next page of results.
close()
Close httplib2 connections.
get(name, x__xgafv=None)
Gets a Finding. Args: name: string, Required. The resource name of the Finding to be returned. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}/findings/{findingId}'. (required) x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # A Finding resource represents a vulnerability instance identified during a ScanRun. "body": "A String", # The body of the request that triggered the vulnerability. "description": "A String", # The description of the vulnerability. "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected. "findingType": "A String", # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any. "actionUri": "A String", # ! The URI where to send the form when it's submitted. "fields": [ # ! The names of form fields related to the vulnerability. "A String", ], }, "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase. "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system. "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries. "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. "A String", ], "libraryName": "A String", # The name of the outdated library. "version": "A String", # The version number. }, "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability. "severity": "A String", # The severity level of the reported vulnerability. "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. "contentType": "A String", # The MIME type of this resource. "resourceUrl": "A String", # URL of this violating resource. }, "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers. "headers": [ # List of vulnerable headers. { # Describes a HTTP Header. "name": "A String", # Header name. "value": "A String", # Header value. }, ], "missingHeaders": [ # List of missing headers. { # Describes a HTTP Header. "name": "A String", # Header name. "value": "A String", # Header value. }, ], }, "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable. "parameterNames": [ # The vulnerable parameter names. "A String", ], }, "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any. "errorMessage": "A String", # An error message generated by a javascript breakage. "stackTraces": [ # Stack traces leading to the point where the XSS occurred. "A String", ], }, "xxe": { # Information reported for an XXE. # An addon containing information reported for an XXE, if any. "payloadLocation": "A String", # Location within the request where the payload was placed. "payloadValue": "A String", # The XML string that triggered the XXE vulnerability. Non-payload values might be redacted. }, }
list(parent, filter=None, pageSize=None, pageToken=None, x__xgafv=None)
List Findings under a given ScanRun. Args: parent: string, Required. The parent resource name, which should be a scan run resource name in the format 'projects/{projectId}/scanConfigs/{scanConfigId}/scanRuns/{scanRunId}'. (required) filter: string, Required. The filter expression. The expression must be in the format: . Supported field: 'finding_type'. Supported operator: '='. pageSize: integer, The maximum number of Findings to return, can be limited by server. If not specified or not positive, the implementation will select a reasonable value. pageToken: string, A token identifying a page of results to be returned. This should be a `next_page_token` value returned from a previous List request. If unspecified, the first page of results is returned. x__xgafv: string, V1 error format. Allowed values 1 - v1 error format 2 - v2 error format Returns: An object of the form: { # Response for the `ListFindings` method. "findings": [ # The list of Findings returned. { # A Finding resource represents a vulnerability instance identified during a ScanRun. "body": "A String", # The body of the request that triggered the vulnerability. "description": "A String", # The description of the vulnerability. "finalUrl": "A String", # The URL where the browser lands when the vulnerability is detected. "findingType": "A String", # The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner "form": { # ! Information about a vulnerability with an HTML. # An addon containing information reported for a vulnerability with an HTML form, if any. "actionUri": "A String", # ! The URI where to send the form when it's submitted. "fields": [ # ! The names of form fields related to the vulnerability. "A String", ], }, "frameUrl": "A String", # If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported. "fuzzedUrl": "A String", # The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability. "httpMethod": "A String", # The http method of the request that triggered the vulnerability, in uppercase. "name": "A String", # The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system. "outdatedLibrary": { # Information reported for an outdated library. # An addon containing information about outdated libraries. "learnMoreUrls": [ # URLs to learn more information about the vulnerabilities in the library. "A String", ], "libraryName": "A String", # The name of the outdated library. "version": "A String", # The version number. }, "reproductionUrl": "A String", # The URL containing human-readable payload that user can leverage to reproduce the vulnerability. "severity": "A String", # The severity level of the reported vulnerability. "trackingId": "A String", # The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns. "violatingResource": { # Information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. # An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc. "contentType": "A String", # The MIME type of this resource. "resourceUrl": "A String", # URL of this violating resource. }, "vulnerableHeaders": { # Information about vulnerable or missing HTTP Headers. # An addon containing information about vulnerable or missing HTTP headers. "headers": [ # List of vulnerable headers. { # Describes a HTTP Header. "name": "A String", # Header name. "value": "A String", # Header value. }, ], "missingHeaders": [ # List of missing headers. { # Describes a HTTP Header. "name": "A String", # Header name. "value": "A String", # Header value. }, ], }, "vulnerableParameters": { # Information about vulnerable request parameters. # An addon containing information about request parameters which were found to be vulnerable. "parameterNames": [ # The vulnerable parameter names. "A String", ], }, "xss": { # Information reported for an XSS. # An addon containing information reported for an XSS, if any. "errorMessage": "A String", # An error message generated by a javascript breakage. "stackTraces": [ # Stack traces leading to the point where the XSS occurred. "A String", ], }, "xxe": { # Information reported for an XXE. # An addon containing information reported for an XXE, if any. "payloadLocation": "A String", # Location within the request where the payload was placed. "payloadValue": "A String", # The XML string that triggered the XXE vulnerability. Non-payload values might be redacted. }, }, ], "nextPageToken": "A String", # Token to retrieve the next page of results, or empty if there are no more results in the list. }
list_next(previous_request, previous_response)
Retrieves the next page of results. Args: previous_request: The request for the previous page. (required) previous_response: The response from the request for the previous page. (required) Returns: A request object that you can call 'execute()' on to request the next page. Returns None if there are no more items in the collection.