add test create 3000 users
This commit is contained in:
File diff suppressed because one or more lines are too long
@@ -0,0 +1,103 @@
|
||||
{
|
||||
"@programName": "ZAP",
|
||||
"@version": "2.17.0",
|
||||
"@generated": "Mon, 8 Jun 2026 05:33:02",
|
||||
"created": "2026-06-08T05:33:02.123437092Z",
|
||||
"insights":[
|
||||
{
|
||||
"level": "Info",
|
||||
"reason": "Informational",
|
||||
"site": "http://host.docker.internal:5173",
|
||||
"key": "insight.code.4xx",
|
||||
"description": "Percentage of responses with status code 4xx",
|
||||
"statistic": "100"
|
||||
},
|
||||
{
|
||||
"level": "Info",
|
||||
"reason": "Informational",
|
||||
"site": "http://host.docker.internal:5173",
|
||||
"key": "insight.endpoint.ctype.text/plain",
|
||||
"description": "Percentage of endpoints with content type text/plain",
|
||||
"statistic": "100"
|
||||
},
|
||||
{
|
||||
"level": "Info",
|
||||
"reason": "Informational",
|
||||
"site": "http://host.docker.internal:5173",
|
||||
"key": "insight.endpoint.method.GET",
|
||||
"description": "Percentage of endpoints with method GET",
|
||||
"statistic": "100"
|
||||
},
|
||||
{
|
||||
"level": "Info",
|
||||
"reason": "Informational",
|
||||
"site": "http://host.docker.internal:5173",
|
||||
"key": "insight.endpoint.total",
|
||||
"description": "Count of total endpoints",
|
||||
"statistic": "2"
|
||||
}
|
||||
],
|
||||
"site":[
|
||||
{
|
||||
"@name": "http://host.docker.internal:5173",
|
||||
"@host": "host.docker.internal",
|
||||
"@port": "5173",
|
||||
"@ssl": "false",
|
||||
"alerts": [
|
||||
{
|
||||
"pluginid": "10049",
|
||||
"alertRef": "10049-1",
|
||||
"alert": "Non-Storable Content",
|
||||
"name": "Non-Storable Content",
|
||||
"riskcode": "0",
|
||||
"confidence": "2",
|
||||
"riskdesc": "Informational (Medium)",
|
||||
"desc": "<p>The response contents are not storable by caching components such as proxy servers. If the response does not contain sensitive, personal or user-specific information, it may benefit from being stored and cached, to improve performance.</p>",
|
||||
"instances":[
|
||||
{
|
||||
"id": "3",
|
||||
"uri": "http://host.docker.internal:5173",
|
||||
"nodeName": "http:\/\/host.docker.internal:5173",
|
||||
"method": "GET",
|
||||
"param": "",
|
||||
"attack": "",
|
||||
"evidence": "403",
|
||||
"otherinfo": ""
|
||||
},
|
||||
{
|
||||
"id": "2",
|
||||
"uri": "http://host.docker.internal:5173/robots.txt",
|
||||
"nodeName": "http:\/\/host.docker.internal:5173\/robots.txt",
|
||||
"method": "GET",
|
||||
"param": "",
|
||||
"attack": "",
|
||||
"evidence": "403",
|
||||
"otherinfo": ""
|
||||
},
|
||||
{
|
||||
"id": "1",
|
||||
"uri": "http://host.docker.internal:5173/sitemap.xml",
|
||||
"nodeName": "http:\/\/host.docker.internal:5173\/sitemap.xml",
|
||||
"method": "GET",
|
||||
"param": "",
|
||||
"attack": "",
|
||||
"evidence": "403",
|
||||
"otherinfo": ""
|
||||
}
|
||||
],
|
||||
"count": "3",
|
||||
"systemic": false,
|
||||
"solution": "<p>The content may be marked as storable by ensuring that the following conditions are satisfied:</p><p>The request method must be understood by the cache and defined as being cacheable (\"GET\", \"HEAD\", and \"POST\" are currently defined as cacheable)</p><p>The response status code must be understood by the cache (one of the 1XX, 2XX, 3XX, 4XX, or 5XX response classes are generally understood)</p><p>The \"no-store\" cache directive must not appear in the request or response header fields</p><p>For caching by \"shared\" caches such as \"proxy\" caches, the \"private\" response directive must not appear in the response</p><p>For caching by \"shared\" caches such as \"proxy\" caches, the \"Authorization\" header field must not appear in the request, unless the response explicitly allows it (using one of the \"must-revalidate\", \"public\", or \"s-maxage\" Cache-Control response directives)</p><p>In addition to the conditions above, at least one of the following conditions must also be satisfied by the response:</p><p>It must contain an \"Expires\" header field</p><p>It must contain a \"max-age\" response directive</p><p>For \"shared\" caches such as \"proxy\" caches, it must contain a \"s-maxage\" response directive</p><p>It must contain a \"Cache Control Extension\" that allows it to be cached</p><p>It must have a status code that is defined as cacheable by default (200, 203, 204, 206, 300, 301, 404, 405, 410, 414, 501).</p>",
|
||||
"otherinfo": "",
|
||||
"reference": "<p>https://datatracker.ietf.org/doc/html/rfc7234</p><p>https://datatracker.ietf.org/doc/html/rfc7231</p><p>https://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html</p>",
|
||||
"cweid": "524",
|
||||
"wascid": "13",
|
||||
"sourceid": "1"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"sequences":[
|
||||
]
|
||||
|
||||
}
|
||||
@@ -0,0 +1,40 @@
|
||||
env:
|
||||
contexts:
|
||||
- excludePaths: []
|
||||
name: baseline
|
||||
urls:
|
||||
- http://host.docker.internal:4173
|
||||
parameters:
|
||||
failOnError: true
|
||||
progressToStdout: false
|
||||
jobs:
|
||||
- parameters:
|
||||
enableTags: false
|
||||
maxAlertsPerRule: 10
|
||||
type: passiveScan-config
|
||||
- parameters:
|
||||
maxDuration: 1
|
||||
url: http://host.docker.internal:4173
|
||||
type: spider
|
||||
- parameters:
|
||||
maxDuration: 0
|
||||
type: passiveScan-wait
|
||||
- parameters:
|
||||
format: Long
|
||||
summaryFile: /home/zap/zap_out.json
|
||||
rules: []
|
||||
type: outputSummary
|
||||
- parameters:
|
||||
reportDescription: ''
|
||||
reportDir: /zap/wrk/
|
||||
reportFile: zap-preview.html
|
||||
reportTitle: ZAP Scanning Report
|
||||
template: traditional-html
|
||||
type: report
|
||||
- parameters:
|
||||
reportDescription: ''
|
||||
reportDir: /zap/wrk/
|
||||
reportFile: zap-preview.json
|
||||
reportTitle: ZAP Scanning Report
|
||||
template: traditional-json
|
||||
type: report
|
||||
Reference in New Issue
Block a user