Google Cloud Web Security Scanner V1 Client - Class Finding (1.0.0-RC1)

Reference documentation and code samples for the Google Cloud Web Security Scanner V1 Client class Finding.

A Finding resource represents a vulnerability instance identified during a ScanRun.

Generated from protobuf message google.cloud.websecurityscanner.v1.Finding

Namespace

Google \ Cloud \ WebSecurityScanner \ V1

Methods

__construct

Constructor.

Parameters
Name Description
data array

Optional. Data for populating the Message object.

↳ name string

Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. The finding IDs are generated by the system.

↳ finding_type string

Output only. The type of the Finding. Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

↳ severity int

Output only. The severity level of the reported vulnerability.

↳ http_method string

Output only. The http method of the request that triggered the vulnerability, in uppercase.

↳ fuzzed_url string

Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

↳ body string

Output only. The body of the request that triggered the vulnerability.

↳ description string

Output only. The description of the vulnerability.

↳ reproduction_url string

Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

↳ frame_url string

Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

↳ final_url string

Output only. The URL where the browser lands when the vulnerability is detected.

↳ tracking_id string

Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

↳ form Google\Cloud\WebSecurityScanner\V1\Form

Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

↳ outdated_library Google\Cloud\WebSecurityScanner\V1\OutdatedLibrary

Output only. An addon containing information about outdated libraries.

↳ violating_resource Google\Cloud\WebSecurityScanner\V1\ViolatingResource

Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

↳ vulnerable_headers Google\Cloud\WebSecurityScanner\V1\VulnerableHeaders

Output only. An addon containing information about vulnerable or missing HTTP headers.

↳ vulnerable_parameters Google\Cloud\WebSecurityScanner\V1\VulnerableParameters

Output only. An addon containing information about request parameters which were found to be vulnerable.

↳ xss Google\Cloud\WebSecurityScanner\V1\Xss

Output only. An addon containing information reported for an XSS, if any.

↳ xxe Google\Cloud\WebSecurityScanner\V1\Xxe

Output only. An addon containing information reported for an XXE, if any.

getName

Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.

The finding IDs are generated by the system.

Returns
Type Description
string

setName

Output only. The resource name of the Finding. The name follows the format of 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'.

The finding IDs are generated by the system.

Parameter
Name Description
var string
Returns
Type Description
$this

getFindingType

Output only. The type of the Finding.

Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

Returns
Type Description
string

setFindingType

Output only. The type of the Finding.

Detailed and up-to-date information on findings can be found here: https://cloud.google.com/security-command-center/docs/how-to-remediate-web-security-scanner-findings

Parameter
Name Description
var string
Returns
Type Description
$this

getSeverity

Output only. The severity level of the reported vulnerability.

Returns
Type Description
int

setSeverity

Output only. The severity level of the reported vulnerability.

Parameter
Name Description
var int
Returns
Type Description
$this

getHttpMethod

Output only. The http method of the request that triggered the vulnerability, in uppercase.

Returns
Type Description
string

setHttpMethod

Output only. The http method of the request that triggered the vulnerability, in uppercase.

Parameter
Name Description
var string
Returns
Type Description
$this

getFuzzedUrl

Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

Returns
Type Description
string

setFuzzedUrl

Output only. The URL produced by the server-side fuzzer and used in the request that triggered the vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getBody

Output only. The body of the request that triggered the vulnerability.

Returns
Type Description
string

setBody

Output only. The body of the request that triggered the vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getDescription

Output only. The description of the vulnerability.

Returns
Type Description
string

setDescription

Output only. The description of the vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getReproductionUrl

Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

Returns
Type Description
string

setReproductionUrl

Output only. The URL containing human-readable payload that user can leverage to reproduce the vulnerability.

Parameter
Name Description
var string
Returns
Type Description
$this

getFrameUrl

Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

Returns
Type Description
string

setFrameUrl

Output only. If the vulnerability was originated from nested IFrame, the immediate parent IFrame is reported.

Parameter
Name Description
var string
Returns
Type Description
$this

getFinalUrl

Output only. The URL where the browser lands when the vulnerability is detected.

Returns
Type Description
string

setFinalUrl

Output only. The URL where the browser lands when the vulnerability is detected.

Parameter
Name Description
var string
Returns
Type Description
$this

getTrackingId

Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

Returns
Type Description
string

setTrackingId

Output only. The tracking ID uniquely identifies a vulnerability instance across multiple ScanRuns.

Parameter
Name Description
var string
Returns
Type Description
$this

getForm

Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\Form|null

hasForm

clearForm

setForm

Output only. An addon containing information reported for a vulnerability with an HTML form, if any.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\Form
Returns
Type Description
$this

getOutdatedLibrary

Output only. An addon containing information about outdated libraries.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\OutdatedLibrary|null

hasOutdatedLibrary

clearOutdatedLibrary

setOutdatedLibrary

Output only. An addon containing information about outdated libraries.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\OutdatedLibrary
Returns
Type Description
$this

getViolatingResource

Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\ViolatingResource|null

hasViolatingResource

clearViolatingResource

setViolatingResource

Output only. An addon containing detailed information regarding any resource causing the vulnerability such as JavaScript sources, image, audio files, etc.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\ViolatingResource
Returns
Type Description
$this

getVulnerableHeaders

Output only. An addon containing information about vulnerable or missing HTTP headers.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\VulnerableHeaders|null

hasVulnerableHeaders

clearVulnerableHeaders

setVulnerableHeaders

Output only. An addon containing information about vulnerable or missing HTTP headers.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\VulnerableHeaders
Returns
Type Description
$this

getVulnerableParameters

Output only. An addon containing information about request parameters which were found to be vulnerable.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\VulnerableParameters|null

hasVulnerableParameters

clearVulnerableParameters

setVulnerableParameters

Output only. An addon containing information about request parameters which were found to be vulnerable.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\VulnerableParameters
Returns
Type Description
$this

getXss

Output only. An addon containing information reported for an XSS, if any.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\Xss|null

hasXss

clearXss

setXss

Output only. An addon containing information reported for an XSS, if any.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\Xss
Returns
Type Description
$this

getXxe

Output only. An addon containing information reported for an XXE, if any.

Returns
Type Description
Google\Cloud\WebSecurityScanner\V1\Xxe|null

hasXxe

clearXxe

setXxe

Output only. An addon containing information reported for an XXE, if any.

Parameter
Name Description
var Google\Cloud\WebSecurityScanner\V1\Xxe
Returns
Type Description
$this