ASA 2762 (#115)

ASA-2762 Update DASTScan.java
HCL-TECH-SOFTWARE · Nov 8, 2023 · 8d32cac · 8d32cac
1 parent b1b096c
commit 8d32cac
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 1 deletion.
diff --git a/src/main/java/com/hcl/appscan/sdk/CoreConstants.java b/src/main/java/com/hcl/appscan/sdk/CoreConstants.java
@@ -126,7 +126,8 @@ public interface CoreConstants {
 	String ERROR_SUBMITTING_SCAN		= "error.submit.scan";									//$NON-NLS-1$
 	String ERROR_UPLOADING_FILE			= "error.upload.file";									//$NON-NLS-1$
 	String ERROR_GETTING_INFO			= "error.getting.info";									//$NON-NLS-1$
-	String FORMAT_PARAMS			        = "FormatParams";								        //$NON-NLS-1$
+    String ERROR_URL_VALIDATION			= "error.url.validation";								//$NON-NLS-1$
+    String FORMAT_PARAMS			        = "FormatParams";								        //$NON-NLS-1$
 
 	// ASE Status Messages
 	String CREATING_JOB                 = "message.creating.job";                               //$NON-NLS-1$

diff --git a/src/main/java/com/hcl/appscan/sdk/messages.properties b/src/main/java/com/hcl/appscan/sdk/messages.properties
@@ -50,6 +50,7 @@ error.dom.state=Bad DOM state.
 error.http=Response Code: {0}\nReason: {1}
 error.login.type.deprectated=The specified login type is deprecated. Please use API key and secret.
 error.getting.info=An error occurred getting information for {0} with id {1}.
+error.url.validation = An error occurred while validating the URL.
 
 #Presence
 error.getting.presence.details=An error occurred retrieving details for Presence with id {0}.

diff --git a/src/main/java/com/hcl/appscan/sdk/scanners/dynamic/DASTScan.java b/src/main/java/com/hcl/appscan/sdk/scanners/dynamic/DASTScan.java
@@ -10,13 +10,15 @@
 import java.io.IOException;
 import java.util.Map;
 
+import com.hcl.appscan.sdk.CoreConstants;
 import com.hcl.appscan.sdk.Messages;
 import com.hcl.appscan.sdk.error.InvalidTargetException;
 import com.hcl.appscan.sdk.error.ScannerException;
 import com.hcl.appscan.sdk.logging.DefaultProgress;
 import com.hcl.appscan.sdk.logging.IProgress;
 import com.hcl.appscan.sdk.scan.IScanServiceProvider;
 import com.hcl.appscan.sdk.scanners.ASoCScan;
+import com.hcl.appscan.sdk.utils.ServiceUtil;
 
 public class DASTScan extends ASoCScan implements DASTConstants {
 
@@ -42,6 +44,10 @@ public void run() throws ScannerException, InvalidTargetException {
 		Map<String, String> params = getProperties();
 		params.put(STARTING_URL, target);
 
+        	if(!ServiceUtil.isValidUrl(params.get(STARTING_URL),getServiceProvider().getAuthenticationProvider())) {
+            		throw new ScannerException(Messages.getMessage(CoreConstants.ERROR_URL_VALIDATION));
+        	}
+
 		String scanLoginType = null;
 		if (params.get(LOGIN_TYPE) != null) {
 			scanLoginType = params.get(LOGIN_TYPE);