How i can trigger httpsender script to add header after authorization script executed?

Question

How i can trigger httpsender script to add header after authorization script executed?

aynacisevda opened this issue 5 years ago · 3 comments

I want to add authorization header to my requests for scanning authorized requests.
I can take my token value from response body by using Authentication script. ( https://gist.github.com/aynacisevda/ab3c15304b861297d9dcd1891d2df4fb )
But although i set this token as Global Variable at Authentication script and call from Http Sender request ( https://gist.github.com/aynacisevda/f3053b8ca1ae42e88990d60909a92e28 ) Authorization header is not added to requests and also could not see that Http Sender request is triggered.
How i can solve this problem?

Answer 1 · 2019-07-24T15:36:27.000Z

Everything seems to be ok...
Did you take a look into what "token" is getting from "GlobalVariables.getGlobalVar("hackazon_token");" in the HTTPSender script? Maybe that shines some light. Sorry for not having the time run your script here...

By the way, we have some discussion lists where you may get quicker answers and a broader audience:
zaproxy-users@googlegroups.com and zaproxy-develop@googlegroups.com

Answer 2 · 2019-07-24T15:43:32.000Z

Yes, for usage questions it's better to ask in zaproxy-users@googlegroups.com

You don't trigger it directly, you just need to enable it. ZAP will automatically execute any HTTP Sender script enabled when a HTTP message is sent/received.

Answer 3 · 2019-07-24T16:53:27.000Z

@thc202 yes it is correct.After enable it ZAP automatically execute HTTP Sender script.
Fixed.