This dialog launches the AJAX Spider.
The first tab allows you to change key features like:
The URL which the AJAX spider will start crawling from, or a context (in which case it will be used one of the URLs that are in context as starting point).
Allows to select the Context to be spidered.
Allows to select one of the users available from the selected context, to perform the spider scan as a user (ZAP will (re)authenticate as that user whenever necessary).
If set then any URLs which are out of scope will be ignored.
Note: The option
Just In Scope is mutually exclusive with
Context option, if one is used the other is ignored.
If set then the spider will only access resources that are under the starting point (URI). When evaluating if a resource is found within the specified subtree, the spider considers only the scheme, host, port, and path components of the URI.
The type of browser to use.
Browsers will only be shown if ZAP has sufficient configuration to run them.
They may still fail to run if the browsers cannot be found or if the configuration information is incorrect.
If selected then the Options tab will be shown.
This tab allows you to change options including:
You can configure the number of windows to be used by AJAX Spider.
The more windows, the faster the process will be.
The maximum depth that the crawler can reach. Zero means unlimited depth.
The maximum number of states that the crawler should crawl. Zero means unlimited crawl states.
The maximum time that the crawler is allowed to run. Zero means unlimited running time.
The time to wait after a client side event is fired.
The time to wait after URL is loaded.
The list of allowed resources. The allowed resources are always fetched even if out of scope, allowing to include necessary resources (e.g. scripts) from 3rd-parties.
|AJAX Spider||for an overview of the AJAX Spider|
|AJAX Spider tab||for an overview of the AJAX Spider Tab|
|Options AJAX Spider screen||for an overview of the AJAX Spider Options|