On Demand Scans use Browser Based Analyzer
What does this MR do and why?
- On Demand Scans will use the browser based analyzer when the feature flag `dast_ods_browser_based_scanner` is turned on
- Adds the feature flag
- Adds the `DAST_BROWSER_SCAN` CI variable to the On Demand Scan CI job when the feature flag is on. Also removes `DAST_USE_AJAX_SPIDER` since it conflicts with the former.
Related Issue: Modify DAST On Demand Scan CI Configuration to ... (#430191 - closed)
Screenshots or screen recordings
How to set up and validate locally
- Set up GDK
- Turn on the feature flag from the Rails console: `Feature.enable(:dast_ods_browser_based_scanner)`
- Try to run a new On Demand Scan (Secure -> On Demand Scans)
MR acceptance checklist
This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.
- I have evaluated the MR acceptance checklist for this MR.
Related to #430191 (closed)