-
Notifications
You must be signed in to change notification settings - Fork 3
/
Copy pathzap-header.js
38 lines (31 loc) · 1.5 KB
/
zap-header.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
// example for setting a custom HTTP header for each request.
// The proxyRequest and proxyResponse functions will be called for all requests and responses made via ZAP,
// excluding some of the automated tools
// If they return 'false' then the corresponding request / response will be dropped.
// You can use msg.setForceIntercept(true) in either method to force a break point
// Note that new proxy scripts will initially be disabled
// Right click the script in the Scripts tree and select "enable"
// The following handles differences in printing between Java 7's Rhino JS engine
// and Java 8's Nashorn JS engine
if (typeof println == 'undefined') this.println = print;
/**
* This function allows interaction with proxy requests (i.e.: outbound from the browser/client to the server).
*
* @param msg - the HTTP request being proxied. This is an HttpMessage object.
*/
function proxyRequest(msg) {
// Debugging can be done using println like this
println('proxyRequest called for url=' + msg.getRequestHeader().getURI().toString())
msg.getRequestHeader().setHeader("user-auth", "test-user")
return true
}
/**
* This function allows interaction with proxy responses (i.e.: inbound from the server to the browser/client).
*
* @param msg - the HTTP response being proxied. This is an HttpMessage object.
*/
function proxyResponse(msg) {
// Debugging can be done using println like this
println('proxyResponse called for url=' + msg.getRequestHeader().getURI().toString())
return true
}