Request-Based tab
Scan Configuration > Explore Options > Request-Based tab.
- JavaScript™ options determine whether AppScan® should ignore or scan these scripts.
- Explore Mode determines whether AppScan explores all links on a page before continuing to the next page, or explores each new link as it is found.
- WebSphere Portal are for configuring the client to recognize a specific server encoding and to send a specific user-agent header.
- Flash
Setting | Details |
---|---|
JavaScript | |
Parse JavaScript code to discover URLs | AppScan will parse JavaScript code as text data to collect links. |
Explore Mode | |
Breadth First | (Default) AppScan explores page by page, exploring all links on one page before continuing to the
next. It is recommended that you do not change the default selection of this option (Breadth First), unless you are aware of limitations in your application that demand that a user visits links in a specific order. |
Depth First | AppScan
explores link by link, exploring each new link as it is found. If you change the Explore Method to Depth First, you must also change AppScan to use only one thread during the Explore (in Configuration > Communication and Proxy view). |
WebSphere® Portal |
|
Enable WebSphere Portal scanning |
If the site is a WebSphere Portal site, AppScan will need to get URL decoding information from the site for more efficient scanning and to build a useful application tree. To enable decoding, select Enable WebSphere Portal scanning. If the context root URL does not follow the default format, click Add Context Root
URL to add one or more context root URLs.
Tip: If you are not sure what your
portal's context root URL is:
Tip: When scanning a WebSphere
Portal site, it is recommended to use the predefined WebSphere Portal scan template, which is configured for the purpose. |
Flash | |
Parse Flash to discover URLs | AppScan will parse Flash code as text data to collect links. |
Execute Flash files to discover potential vulnerabilities | AppScan will actually play
Flash files and analyze the results to collect links, including dynamic links that may not be
discovered by parsing alone. (This utilizes more system resources than parsing.) Adobe™ Flash Player for Internet Explorer, Version 9.0.124.0 or higher is required. If a supported version is not installed a warning appears next to the check box when selected, and Flash Execution will not run. See Flash content. If you have Adobe Flash Player Version 10.1 or higher, you may get a message that it requires configuration to work with AppScan. See Flash Player configuration. When Flash
Execution is selected, three Flash execution limits can also be configured. These are:
|