Enum google_api_proto::google::cloud::websecurityscanner::v1alpha::finding::FindingType
source · #[repr(i32)]pub enum FindingType {
Unspecified = 0,
MixedContent = 1,
OutdatedLibrary = 2,
RosettaFlash = 5,
XssCallback = 3,
XssError = 4,
ClearTextPassword = 6,
InvalidContentType = 7,
XssAngularCallback = 8,
InvalidHeader = 9,
MisspelledSecurityHeaderName = 10,
MismatchingSecurityHeaderValues = 11,
}
Expand description
Types of Findings.
Variants§
Unspecified = 0
The invalid finding type.
MixedContent = 1
A page that was served over HTTPS also resources over HTTP. A man-in-the-middle attacker could tamper with the HTTP resource and gain full access to the website that loads the resource or to monitor the actions taken by the user.
OutdatedLibrary = 2
The version of an included library is known to contain a security issue. The scanner checks the version of library in use against a known list of vulnerable libraries. False positives are possible if the version detection fails or if the library has been manually patched.
RosettaFlash = 5
This type of vulnerability occurs when the value of a request parameter is reflected at the beginning of the response, for example, in requests using JSONP. Under certain circumstances, an attacker may be able to supply an alphanumeric-only Flash file in the vulnerable parameter causing the browser to execute the Flash file as if it originated on the vulnerable server.
XssCallback = 3
A cross-site scripting (XSS) bug is found via JavaScript callback. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
XssError = 4
A potential cross-site scripting (XSS) bug due to JavaScript breakage. In some circumstances, the application under test might modify the test string before it is parsed by the browser. When the browser attempts to runs this modified test string, it will likely break and throw a JavaScript execution error, thus an injection issue is occurring. However, it may not be exploitable. Manual verification is needed to see if the test string modifications can be evaded and confirm that the issue is in fact an XSS vulnerability. For detailed explanations on XSS, see https://www.google.com/about/appsecurity/learning/xss/.
ClearTextPassword = 6
An application appears to be transmitting a password field in clear text. An attacker can eavesdrop network traffic and sniff the password field.
InvalidContentType = 7
An application returns sensitive content with an invalid content type, or without an ‘X-Content-Type-Options: nosniff’ header.
XssAngularCallback = 8
A cross-site scripting (XSS) vulnerability in AngularJS module that occurs when a user-provided string is interpolated by Angular.
InvalidHeader = 9
A malformed or invalid valued header.
MisspelledSecurityHeaderName = 10
Misspelled security header name.
MismatchingSecurityHeaderValues = 11
Mismatching values in a duplicate security header.
Implementations§
source§impl FindingType
impl FindingType
source§impl FindingType
impl FindingType
sourcepub fn as_str_name(&self) -> &'static str
pub fn as_str_name(&self) -> &'static str
String value of the enum field names used in the ProtoBuf definition.
The values are not transformed in any way and thus are considered stable (if the ProtoBuf definition does not change) and safe for programmatic use.
sourcepub fn from_str_name(value: &str) -> Option<Self>
pub fn from_str_name(value: &str) -> Option<Self>
Creates an enum from field names used in the ProtoBuf definition.
Trait Implementations§
source§impl Clone for FindingType
impl Clone for FindingType
source§fn clone(&self) -> FindingType
fn clone(&self) -> FindingType
1.0.0 · source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moresource§impl Debug for FindingType
impl Debug for FindingType
source§impl Default for FindingType
impl Default for FindingType
source§fn default() -> FindingType
fn default() -> FindingType
source§impl From<FindingType> for i32
impl From<FindingType> for i32
source§fn from(value: FindingType) -> i32
fn from(value: FindingType) -> i32
source§impl Hash for FindingType
impl Hash for FindingType
source§impl Ord for FindingType
impl Ord for FindingType
source§fn cmp(&self, other: &FindingType) -> Ordering
fn cmp(&self, other: &FindingType) -> Ordering
1.21.0 · source§fn max(self, other: Self) -> Selfwhere
Self: Sized,
fn max(self, other: Self) -> Selfwhere
Self: Sized,
source§impl PartialEq for FindingType
impl PartialEq for FindingType
source§fn eq(&self, other: &FindingType) -> bool
fn eq(&self, other: &FindingType) -> bool
self
and other
values to be equal, and is used
by ==
.source§impl PartialOrd for FindingType
impl PartialOrd for FindingType
source§fn partial_cmp(&self, other: &FindingType) -> Option<Ordering>
fn partial_cmp(&self, other: &FindingType) -> Option<Ordering>
1.0.0 · source§fn le(&self, other: &Rhs) -> bool
fn le(&self, other: &Rhs) -> bool
self
and other
) and is used by the <=
operator. Read moresource§impl TryFrom<i32> for FindingType
impl TryFrom<i32> for FindingType
§type Error = DecodeError
type Error = DecodeError
source§fn try_from(value: i32) -> Result<FindingType, DecodeError>
fn try_from(value: i32) -> Result<FindingType, DecodeError>
impl Copy for FindingType
impl Eq for FindingType
impl StructuralPartialEq for FindingType
Auto Trait Implementations§
impl Freeze for FindingType
impl RefUnwindSafe for FindingType
impl Send for FindingType
impl Sync for FindingType
impl Unpin for FindingType
impl UnwindSafe for FindingType
Blanket Implementations§
source§impl<T> BorrowMut<T> for Twhere
T: ?Sized,
impl<T> BorrowMut<T> for Twhere
T: ?Sized,
source§fn borrow_mut(&mut self) -> &mut T
fn borrow_mut(&mut self) -> &mut T
§impl<Q, K> Comparable<K> for Q
impl<Q, K> Comparable<K> for Q
source§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
source§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
§impl<Q, K> Equivalent<K> for Q
impl<Q, K> Equivalent<K> for Q
§fn equivalent(&self, key: &K) -> bool
fn equivalent(&self, key: &K) -> bool
key
and return true
if they are equal.§impl<T> Instrument for T
impl<T> Instrument for T
§fn instrument(self, span: Span) -> Instrumented<Self>
fn instrument(self, span: Span) -> Instrumented<Self>
§fn in_current_span(self) -> Instrumented<Self>
fn in_current_span(self) -> Instrumented<Self>
source§impl<T> IntoRequest<T> for T
impl<T> IntoRequest<T> for T
source§fn into_request(self) -> Request<T>
fn into_request(self) -> Request<T>
T
in a tonic::Request