-
-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The -quickout
option should not attempt to write to the directory where ZAP is installed
#7580
Comments
use ./zapout.json |
Or use an absolute path 😁 |
I mean, yes, but this is a horrible default experience (and potentially leaves sensitive data somewhere mysterious). |
I have to say I agree 😉 |
I'd even take an error message of "hey, you have to specify a path, try |
🤔 I haven't looked at the script code, but could you |
It would require some restructuring :/ https://github.com/zaproxy/zaproxy/blob/main/zap/src/main/dist/zap.sh |
Prevent the startup script from changing directory. This ensures that any artifacts created by `zap`, such as the output of `-quickout` will land in the current directory instead of the ZAP installation directory. Closes zaproxy#7580
Describe the bug
Running
zap.sh
with-quickout
will attempt to write the output file to the directory where ZAP is installed instead of the current directory.Steps to reproduce the behavior
zap.sh -cmd -quickurl <whatever> -quickout zapout.json
Results
Writing results to /home/user/Apps/ZAP/zapout.json The directory of given '-quickout' file is not writable:
Expected behavior
The file would be created in my current working directory.
Software versions
ZAP 2.12.0
Screenshots
No response
Errors from the zap.log file
No response
Additional context
No response
Would you like to help fix this issue?
The text was updated successfully, but these errors were encountered: