DOM XSS Active Scan Rule - About

Source Code

https://github.com/zaproxy/zap-extensions/tree/master/addOns/domxss

Authors

Aabha Biyani, and the ZAP Dev Team

History

Version 9 - 2019-06-12

  • Use default browser when no browser is specified in the configuration rule.

Version 8 - 2019-06-07

  • Run with Firefox headless by default (Issue 3866).
  • Depend on newer version of Selenium add-on.

Version 7

  • Issue 2918: Added an option to attack URL parameters.

Version 6

  • Minor code changes.
  • Add XSS Polyglot (Issue 2322).

Version 5

  • Updated for 2.7.0.

Version 4

  • Allow to use newer versions of Firefox (Issue 3396).
  • Provide the reason why the scanner was skipped.