1*d5c09012SAndroid Build Coastguard Worker// Copyright 2019 Google LLC. 2*d5c09012SAndroid Build Coastguard Worker// 3*d5c09012SAndroid Build Coastguard Worker// Licensed under the Apache License, Version 2.0 (the "License"); 4*d5c09012SAndroid Build Coastguard Worker// you may not use this file except in compliance with the License. 5*d5c09012SAndroid Build Coastguard Worker// You may obtain a copy of the License at 6*d5c09012SAndroid Build Coastguard Worker// 7*d5c09012SAndroid Build Coastguard Worker// http://www.apache.org/licenses/LICENSE-2.0 8*d5c09012SAndroid Build Coastguard Worker// 9*d5c09012SAndroid Build Coastguard Worker// Unless required by applicable law or agreed to in writing, software 10*d5c09012SAndroid Build Coastguard Worker// distributed under the License is distributed on an "AS IS" BASIS, 11*d5c09012SAndroid Build Coastguard Worker// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12*d5c09012SAndroid Build Coastguard Worker// See the License for the specific language governing permissions and 13*d5c09012SAndroid Build Coastguard Worker// limitations under the License. 14*d5c09012SAndroid Build Coastguard Worker// 15*d5c09012SAndroid Build Coastguard Worker 16*d5c09012SAndroid Build Coastguard Workersyntax = "proto3"; 17*d5c09012SAndroid Build Coastguard Worker 18*d5c09012SAndroid Build Coastguard Workerpackage google.cloud.websecurityscanner.v1alpha; 19*d5c09012SAndroid Build Coastguard Worker 20*d5c09012SAndroid Build Coastguard Workerimport "google/api/resource.proto"; 21*d5c09012SAndroid Build Coastguard Workerimport "google/cloud/websecurityscanner/v1alpha/finding_addon.proto"; 22*d5c09012SAndroid Build Coastguard Worker 23*d5c09012SAndroid Build Coastguard Workeroption go_package = "cloud.google.com/go/websecurityscanner/apiv1alpha/websecurityscannerpb;websecurityscannerpb"; 24*d5c09012SAndroid Build Coastguard Workeroption java_multiple_files = true; 25*d5c09012SAndroid Build Coastguard Workeroption java_outer_classname = "FindingProto"; 26*d5c09012SAndroid Build Coastguard Workeroption java_package = "com.google.cloud.websecurityscanner.v1alpha"; 27*d5c09012SAndroid Build Coastguard Worker 28*d5c09012SAndroid Build Coastguard Worker// A Finding resource represents a vulnerability instance identified during a 29*d5c09012SAndroid Build Coastguard Worker// ScanRun. 30*d5c09012SAndroid Build Coastguard Workermessage Finding { 31*d5c09012SAndroid Build Coastguard Worker option (google.api.resource) = { 32*d5c09012SAndroid Build Coastguard Worker type: "websecurityscanner.googleapis.com/Finding" 33*d5c09012SAndroid Build Coastguard Worker pattern: "projects/{project}/scanConfigs/{scan_config}/scanRuns/{scan_run}/findings/{finding}" 34*d5c09012SAndroid Build Coastguard Worker }; 35*d5c09012SAndroid Build Coastguard Worker 36*d5c09012SAndroid Build Coastguard Worker // Types of Findings. 37*d5c09012SAndroid Build Coastguard Worker enum FindingType { 38*d5c09012SAndroid Build Coastguard Worker // The invalid finding type. 39*d5c09012SAndroid Build Coastguard Worker FINDING_TYPE_UNSPECIFIED = 0; 40*d5c09012SAndroid Build Coastguard Worker 41*d5c09012SAndroid Build Coastguard Worker // A page that was served over HTTPS also resources over HTTP. A 42*d5c09012SAndroid Build Coastguard Worker // man-in-the-middle attacker could tamper with the HTTP resource and gain 43*d5c09012SAndroid Build Coastguard Worker // full access to the website that loads the resource or to monitor the 44*d5c09012SAndroid Build Coastguard Worker // actions taken by the user. 45*d5c09012SAndroid Build Coastguard Worker MIXED_CONTENT = 1; 46*d5c09012SAndroid Build Coastguard Worker 47*d5c09012SAndroid Build Coastguard Worker // The version of an included library is known to contain a security issue. 48*d5c09012SAndroid Build Coastguard Worker // The scanner checks the version of library in use against a known list of 49*d5c09012SAndroid Build Coastguard Worker // vulnerable libraries. False positives are possible if the version 50*d5c09012SAndroid Build Coastguard Worker // detection fails or if the library has been manually patched. 51*d5c09012SAndroid Build Coastguard Worker OUTDATED_LIBRARY = 2; 52*d5c09012SAndroid Build Coastguard Worker 53*d5c09012SAndroid Build Coastguard Worker // This type of vulnerability occurs when the value of a request parameter 54*d5c09012SAndroid Build Coastguard Worker // is reflected at the beginning of the response, for example, in requests 55*d5c09012SAndroid Build Coastguard Worker // using JSONP. Under certain circumstances, an attacker may be able to 56*d5c09012SAndroid Build Coastguard Worker // supply an alphanumeric-only Flash file in the vulnerable parameter 57*d5c09012SAndroid Build Coastguard Worker // causing the browser to execute the Flash file as if it originated on the 58*d5c09012SAndroid Build Coastguard Worker // vulnerable server. 59*d5c09012SAndroid Build Coastguard Worker ROSETTA_FLASH = 5; 60*d5c09012SAndroid Build Coastguard Worker 61*d5c09012SAndroid Build Coastguard Worker // A cross-site scripting (XSS) bug is found via JavaScript callback. For 62*d5c09012SAndroid Build Coastguard Worker // detailed explanations on XSS, see 63*d5c09012SAndroid Build Coastguard Worker // https://www.google.com/about/appsecurity/learning/xss/. 64*d5c09012SAndroid Build Coastguard Worker XSS_CALLBACK = 3; 65*d5c09012SAndroid Build Coastguard Worker 66*d5c09012SAndroid Build Coastguard Worker // A potential cross-site scripting (XSS) bug due to JavaScript breakage. 67*d5c09012SAndroid Build Coastguard Worker // In some circumstances, the application under test might modify the test 68*d5c09012SAndroid Build Coastguard Worker // string before it is parsed by the browser. When the browser attempts to 69*d5c09012SAndroid Build Coastguard Worker // runs this modified test string, it will likely break and throw a 70*d5c09012SAndroid Build Coastguard Worker // JavaScript execution error, thus an injection issue is occurring. 71*d5c09012SAndroid Build Coastguard Worker // However, it may not be exploitable. Manual verification is needed to see 72*d5c09012SAndroid Build Coastguard Worker // if the test string modifications can be evaded and confirm that the issue 73*d5c09012SAndroid Build Coastguard Worker // is in fact an XSS vulnerability. For detailed explanations on XSS, see 74*d5c09012SAndroid Build Coastguard Worker // https://www.google.com/about/appsecurity/learning/xss/. 75*d5c09012SAndroid Build Coastguard Worker XSS_ERROR = 4; 76*d5c09012SAndroid Build Coastguard Worker 77*d5c09012SAndroid Build Coastguard Worker // An application appears to be transmitting a password field in clear text. 78*d5c09012SAndroid Build Coastguard Worker // An attacker can eavesdrop network traffic and sniff the password field. 79*d5c09012SAndroid Build Coastguard Worker CLEAR_TEXT_PASSWORD = 6; 80*d5c09012SAndroid Build Coastguard Worker 81*d5c09012SAndroid Build Coastguard Worker // An application returns sensitive content with an invalid content type, 82*d5c09012SAndroid Build Coastguard Worker // or without an 'X-Content-Type-Options: nosniff' header. 83*d5c09012SAndroid Build Coastguard Worker INVALID_CONTENT_TYPE = 7; 84*d5c09012SAndroid Build Coastguard Worker 85*d5c09012SAndroid Build Coastguard Worker // A cross-site scripting (XSS) vulnerability in AngularJS module that 86*d5c09012SAndroid Build Coastguard Worker // occurs when a user-provided string is interpolated by Angular. 87*d5c09012SAndroid Build Coastguard Worker XSS_ANGULAR_CALLBACK = 8; 88*d5c09012SAndroid Build Coastguard Worker 89*d5c09012SAndroid Build Coastguard Worker // A malformed or invalid valued header. 90*d5c09012SAndroid Build Coastguard Worker INVALID_HEADER = 9; 91*d5c09012SAndroid Build Coastguard Worker 92*d5c09012SAndroid Build Coastguard Worker // Misspelled security header name. 93*d5c09012SAndroid Build Coastguard Worker MISSPELLED_SECURITY_HEADER_NAME = 10; 94*d5c09012SAndroid Build Coastguard Worker 95*d5c09012SAndroid Build Coastguard Worker // Mismatching values in a duplicate security header. 96*d5c09012SAndroid Build Coastguard Worker MISMATCHING_SECURITY_HEADER_VALUES = 11; 97*d5c09012SAndroid Build Coastguard Worker } 98*d5c09012SAndroid Build Coastguard Worker 99*d5c09012SAndroid Build Coastguard Worker // The resource name of the Finding. The name follows the format of 100*d5c09012SAndroid Build Coastguard Worker // 'projects/{projectId}/scanConfigs/{scanConfigId}/scanruns/{scanRunId}/findings/{findingId}'. 101*d5c09012SAndroid Build Coastguard Worker // The finding IDs are generated by the system. 102*d5c09012SAndroid Build Coastguard Worker string name = 1; 103*d5c09012SAndroid Build Coastguard Worker 104*d5c09012SAndroid Build Coastguard Worker // The type of the Finding. 105*d5c09012SAndroid Build Coastguard Worker FindingType finding_type = 2; 106*d5c09012SAndroid Build Coastguard Worker 107*d5c09012SAndroid Build Coastguard Worker // The http method of the request that triggered the vulnerability, in 108*d5c09012SAndroid Build Coastguard Worker // uppercase. 109*d5c09012SAndroid Build Coastguard Worker string http_method = 3; 110*d5c09012SAndroid Build Coastguard Worker 111*d5c09012SAndroid Build Coastguard Worker // The URL produced by the server-side fuzzer and used in the request that 112*d5c09012SAndroid Build Coastguard Worker // triggered the vulnerability. 113*d5c09012SAndroid Build Coastguard Worker string fuzzed_url = 4; 114*d5c09012SAndroid Build Coastguard Worker 115*d5c09012SAndroid Build Coastguard Worker // The body of the request that triggered the vulnerability. 116*d5c09012SAndroid Build Coastguard Worker string body = 5; 117*d5c09012SAndroid Build Coastguard Worker 118*d5c09012SAndroid Build Coastguard Worker // The description of the vulnerability. 119*d5c09012SAndroid Build Coastguard Worker string description = 6; 120*d5c09012SAndroid Build Coastguard Worker 121*d5c09012SAndroid Build Coastguard Worker // The URL containing human-readable payload that user can leverage to 122*d5c09012SAndroid Build Coastguard Worker // reproduce the vulnerability. 123*d5c09012SAndroid Build Coastguard Worker string reproduction_url = 7; 124*d5c09012SAndroid Build Coastguard Worker 125*d5c09012SAndroid Build Coastguard Worker // If the vulnerability was originated from nested IFrame, the immediate 126*d5c09012SAndroid Build Coastguard Worker // parent IFrame is reported. 127*d5c09012SAndroid Build Coastguard Worker string frame_url = 8; 128*d5c09012SAndroid Build Coastguard Worker 129*d5c09012SAndroid Build Coastguard Worker // The URL where the browser lands when the vulnerability is detected. 130*d5c09012SAndroid Build Coastguard Worker string final_url = 9; 131*d5c09012SAndroid Build Coastguard Worker 132*d5c09012SAndroid Build Coastguard Worker // The tracking ID uniquely identifies a vulnerability instance across 133*d5c09012SAndroid Build Coastguard Worker // multiple ScanRuns. 134*d5c09012SAndroid Build Coastguard Worker string tracking_id = 10; 135*d5c09012SAndroid Build Coastguard Worker 136*d5c09012SAndroid Build Coastguard Worker // An addon containing information about outdated libraries. 137*d5c09012SAndroid Build Coastguard Worker OutdatedLibrary outdated_library = 11; 138*d5c09012SAndroid Build Coastguard Worker 139*d5c09012SAndroid Build Coastguard Worker // An addon containing detailed information regarding any resource causing the 140*d5c09012SAndroid Build Coastguard Worker // vulnerability such as JavaScript sources, image, audio files, etc. 141*d5c09012SAndroid Build Coastguard Worker ViolatingResource violating_resource = 12; 142*d5c09012SAndroid Build Coastguard Worker 143*d5c09012SAndroid Build Coastguard Worker // An addon containing information about vulnerable or missing HTTP headers. 144*d5c09012SAndroid Build Coastguard Worker VulnerableHeaders vulnerable_headers = 15; 145*d5c09012SAndroid Build Coastguard Worker 146*d5c09012SAndroid Build Coastguard Worker // An addon containing information about request parameters which were found 147*d5c09012SAndroid Build Coastguard Worker // to be vulnerable. 148*d5c09012SAndroid Build Coastguard Worker VulnerableParameters vulnerable_parameters = 13; 149*d5c09012SAndroid Build Coastguard Worker 150*d5c09012SAndroid Build Coastguard Worker // An addon containing information reported for an XSS, if any. 151*d5c09012SAndroid Build Coastguard Worker Xss xss = 14; 152*d5c09012SAndroid Build Coastguard Worker} 153