Realign DAST site validation frontend with backend (!46475) · Merge requests · GitLab.org / GitLab

Paul Gascou-Vaillancourt requested to merge fix-dast-site-validation into master Oct 29, 2020

What does this MR do?

Re #233020 (comment 438461945)

This addresses a few discrepancies between the frontend and the backend for DAST Site Validation.

How to test this?

Enable the feature flag:

echo "Feature.enable(:security_on_demand_scans_site_validation)" | rails c

In a project, open the New site profile form (/:group/:project/-/security/configuration/dast_profiles/dast_site_profiles/new.
Fill-in the profile's target URL and enable the Validate target site toggle.

Screenshots (strongly suggested)

Before	After

Does this MR meet the acceptance criteria?

Conformity

[-] Changelog entry (feature-flagged)
[-] Documentation (if required)
Code review guidelines
[-] Merge request performance guidelines
Style guides
[-] Database guides
Separation of EE specific content

Availability and Testing

Review and add/update tests for this feature/bug. Consider all test levels. See the Test Planning Process.
[-] Tested in all supported browsers
[-] Informed Infrastructure department of a default or new setting change, if applicable per definition of done

Security

If this MR contains changes to processing or storing of credentials or tokens, authorization and authentication methods and other items described in the security review guidelines:

Label as security and @ mention @gitlab-com/gl-security/appsec
The MR includes necessary changes to maintain consistency between UI, API, email, or other methods
Security reports checked/validated by a reviewer from the AppSec team

Edited Nov 04, 2020 by Paul Gascou-Vaillancourt

Realign DAST site validation frontend with backend