1// Copyright 2019 Google LLC. 2// 3// Licensed under the Apache License, Version 2.0 (the "License"); 4// you may not use this file except in compliance with the License. 5// You may obtain a copy of the License at 6// 7// http://www.apache.org/licenses/LICENSE-2.0 8// 9// Unless required by applicable law or agreed to in writing, software 10// distributed under the License is distributed on an "AS IS" BASIS, 11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12// See the License for the specific language governing permissions and 13// limitations under the License. 14// 15 16syntax = "proto3"; 17 18package google.cloud.websecurityscanner.v1alpha; 19 20option go_package = "cloud.google.com/go/websecurityscanner/apiv1alpha/websecurityscannerpb;websecurityscannerpb"; 21option java_multiple_files = true; 22option java_outer_classname = "FindingAddonProto"; 23option java_package = "com.google.cloud.websecurityscanner.v1alpha"; 24 25// Information reported for an outdated library. 26message OutdatedLibrary { 27 // The name of the outdated library. 28 string library_name = 1; 29 30 // The version number. 31 string version = 2; 32 33 // URLs to learn more information about the vulnerabilities in the library. 34 repeated string learn_more_urls = 3; 35} 36 37// Information regarding any resource causing the vulnerability such 38// as JavaScript sources, image, audio files, etc. 39message ViolatingResource { 40 // The MIME type of this resource. 41 string content_type = 1; 42 43 // URL of this violating resource. 44 string resource_url = 2; 45} 46 47// Information about vulnerable request parameters. 48message VulnerableParameters { 49 // The vulnerable parameter names. 50 repeated string parameter_names = 1; 51} 52 53// Information about vulnerable or missing HTTP Headers. 54message VulnerableHeaders { 55 // Describes a HTTP Header. 56 message Header { 57 // Header name. 58 string name = 1; 59 60 // Header value. 61 string value = 2; 62 } 63 64 // List of vulnerable headers. 65 repeated Header headers = 1; 66 67 // List of missing headers. 68 repeated Header missing_headers = 2; 69} 70 71// Information reported for an XSS. 72message Xss { 73 // Stack traces leading to the point where the XSS occurred. 74 repeated string stack_traces = 1; 75 76 // An error message generated by a javascript breakage. 77 string error_message = 2; 78} 79