The following changes were made in this release:
External applications can now be invoked from the Sites and History tabs.
The passive scanner now looks for vulnerabilities, such as:
|Autocomplete forms with password fields|
|Cookies without the ‘HttpOnly’ flag|
|SSL Cookies without the ‘secure’ flag|
A new ‘Generate XML Report…’ menu item is now included in the top level Reports menu.
Requests submitted by the Manual Request Editor and
Resend dialogs are now shown in the Sites and History tabs.
A new ‘Method’ pull down allows you to switch between the HTTP methods, this automatically moves parameters between the URL and the body when a POST method is selected or deselected.
The delay in milliseconds between each active scanner request can now be set via the Options Active Scan screen. This will increase the time an active scan takes but will reduce the load on the target.
The scanner counts in the footer are now displayed on the right hand side.
|Introduction||the introduction to ZAP|
|Releases||the full set of releases|
|Credits||the people and groups who have made this release possible|