[DEPRECATED] Using Web Security Scanner to Find Vulnerabilities in an App Engine Application Reviews

Anthony B. · Reviewed בערך 6 שנים ago

Possible bug in form validation of : Web Security Scanner -> Create a new scan (Field) Starting URL: [Example URL:] https://qwiklabs-gcp-02-f1559cbabbf0.el.r.appspot.com/ 
Error popup on clicking save: One of the starting URLs is not correctly formed The URL was returned by app engine gcloud deploy: https://screenshot.googleplex.com/r2vZFmc6HAx

Kedareshwar C. · Reviewed בערך 6 שנים ago

Simone P. · Reviewed בערך 6 שנים ago

Meenakshi Sundaram P. · Reviewed בערך 6 שנים ago

Fabio C. · Reviewed בערך 6 שנים ago

Scan couldn't be created. When I used URL with just 'appspot.com' in the end as in the description: http://qwiklabs-gcp-02-25e579f22684.appspot.com Error message was: "One of the starting URLs is not hosted on the current project" If I tried to use the one I saw in the console after deployment: https://qwiklabs-gcp-02-25e579f22684.uc.r.appspot.com/ Error message was: "One of the starting URLs is not correctly formed" I tried both http and https, with and without '/' at the end - no luck...

Yevgen K. · Reviewed בערך 6 שנים ago

Doesn't work. 2nd time I have tried it and got stuck with an error.

Stefan D. · Reviewed בערך 6 שנים ago

Ramana P. · Reviewed בערך 6 שנים ago

MUHAMMAD H. · Reviewed בערך 6 שנים ago

Vidhi G. · Reviewed בערך 6 שנים ago

Muhammad Abdur R. · Reviewed בערך 6 שנים ago

Please review this lab. Could not run any scans, as was supposed to use https://qwiklabs-gcp-04-3b4959bf755f.appspot.com which worked in the browser, but gave an error "One of the starting URLs is not hosted on the current project" upon creating the scan. Tried to retrieve the app engine url inside the console "https://qwiklabs-gcp-04-3b4959bf755f.ue.r.appspot.com/", but this one gave that it is malformed..

Oleksandr O. · Reviewed בערך 6 שנים ago

Hieronim S. · Reviewed בערך 6 שנים ago

Yogesh H. · Reviewed בערך 6 שנים ago

Víctor B. · Reviewed בערך 6 שנים ago

Germán Z. · Reviewed בערך 6 שנים ago

Francisco José G. · Reviewed בערך 6 שנים ago

Web security scanner doesn't work with the appengine url.

Brent E. · Reviewed בערך 6 שנים ago

Daniele C. · Reviewed בערך 6 שנים ago

Manuel L. · Reviewed בערך 6 שנים ago

Johnervan L. · Reviewed בערך 6 שנים ago

Several errors ecnountered: The return statement does not let the code finish, therefore no XSS can be encountered. The scanner informs, that the appspot URL is not within the own project. Scan cannot be performed.

Flo S. · Reviewed בערך 6 שנים ago

you have to put "from flask import escape" otherwise the escape function will return error

Ren Z. · Reviewed בערך 6 שנים ago

Stanislav B. · Reviewed בערך 6 שנים ago

Carlos V. · Reviewed בערך 6 שנים ago