[DEPRECATED] Using Web Security Scanner to Find Vulnerabilities in an App Engine Application Reviews

Anthony B. · Reviewed около 6 лет ago

Possible bug in form validation of : Web Security Scanner -> Create a new scan (Field) Starting URL: [Example URL:] https://qwiklabs-gcp-02-f1559cbabbf0.el.r.appspot.com/ 
Error popup on clicking save: One of the starting URLs is not correctly formed The URL was returned by app engine gcloud deploy: https://screenshot.googleplex.com/r2vZFmc6HAx

Kedareshwar C. · Reviewed около 6 лет ago

Simone P. · Reviewed около 6 лет ago

Meenakshi Sundaram P. · Reviewed около 6 лет ago

Fabio C. · Reviewed около 6 лет ago

Scan couldn't be created. When I used URL with just 'appspot.com' in the end as in the description: http://qwiklabs-gcp-02-25e579f22684.appspot.com Error message was: "One of the starting URLs is not hosted on the current project" If I tried to use the one I saw in the console after deployment: https://qwiklabs-gcp-02-25e579f22684.uc.r.appspot.com/ Error message was: "One of the starting URLs is not correctly formed" I tried both http and https, with and without '/' at the end - no luck...

Yevgen K. · Reviewed около 6 лет ago

Doesn't work. 2nd time I have tried it and got stuck with an error.

Stefan D. · Reviewed около 6 лет ago

Ramana P. · Reviewed около 6 лет ago

MUHAMMAD H. · Reviewed около 6 лет ago

Vidhi G. · Reviewed около 6 лет ago

Muhammad Abdur R. · Reviewed около 6 лет ago

Please review this lab. Could not run any scans, as was supposed to use https://qwiklabs-gcp-04-3b4959bf755f.appspot.com which worked in the browser, but gave an error "One of the starting URLs is not hosted on the current project" upon creating the scan. Tried to retrieve the app engine url inside the console "https://qwiklabs-gcp-04-3b4959bf755f.ue.r.appspot.com/", but this one gave that it is malformed..

Oleksandr O. · Reviewed около 6 лет ago

Hieronim S. · Reviewed около 6 лет ago

Yogesh H. · Reviewed около 6 лет ago

Víctor B. · Reviewed около 6 лет ago

Germán Z. · Reviewed около 6 лет ago

Francisco José G. · Reviewed около 6 лет ago

Web security scanner doesn't work with the appengine url.

Brent E. · Reviewed около 6 лет ago

Daniele C. · Reviewed около 6 лет ago

Manuel L. · Reviewed около 6 лет ago

Johnervan L. · Reviewed около 6 лет ago

Several errors ecnountered: The return statement does not let the code finish, therefore no XSS can be encountered. The scanner informs, that the appspot URL is not within the own project. Scan cannot be performed.

Flo S. · Reviewed около 6 лет ago

you have to put "from flask import escape" otherwise the escape function will return error

Ren Z. · Reviewed около 6 лет ago

Stanislav B. · Reviewed около 6 лет ago

Carlos V. · Reviewed около 6 лет ago