This repo defines 2 related ZAP browser extensions.
A browser extension which allows ZAP to interact directly with the browser. It also allows you to record whatever you do in a browser as Zest scripts. These can be used to handle complicated authentication flows or sequences of related actions.
Works in both Firefox and Chrome. The Chrome extension also works in Edge but is not currently in the Edge Add-ons Store.
Initially generated from https://github.com/abhijithvijayan/web-extension-starter/tree/react-typescript
Only Firefox, Chrome and Edge have been tested - Opera may or may not work 😉
This extension is bundled in the ZAP Client Side Integration add-on, so you typically do not need to install it manually.
The latest published extensions are still available via the relevant stores:
This extension only allows you to record Zest scripts in the browser. It will not interact with ZAP, even if you have it running.
You can use this extension to record Zest scripts on a system on which ZAP is not running.
The latest published extensions are available via the relevant stores:
- Firefox - ZAP by Checkmarx Recorder
- Chrome - ZAP by Checkmarx Recorder
- Edge - ZAP by Checkmarx Recorder
Ensure you have
Then run the following:
yarn installto install dependencies.yarn run dev:chrometo start the development server for the full chrome extensionyarn run dev:firefoxto start the development server for the full firefox addonyarn run dev:operato start the development server for the full opera extensionyarn run build:ext:chrometo build the full chrome extensionyarn run build:ext:firefoxto build the full firefox addonyarn run build:ext:operato build the full opera extensionyarn run build:extbuilds and packs the full extensions all at once to extension/ directoryyarn run build:rec:chrometo build the recorder chrome extensionyarn run build:rec:firefoxto build the recorder firefox addonyarn run build:rec:operato build the recorder opera extensionyarn run build:recbuilds and packs the recorder extensions all at once to extension/ directoryyarn run buildbuilds and packs both the full and recorder extensions all at once to extension/ directoryyarn run lintto lint the codeyarn run lint --fixto fix any lint errorsyarn playwright installat least once before the testsyarn run testto run the test suite (you should not have anything listening on port 8080)- Note that individual tests can be run like
yarn run test -t "Should report forms"
- Note that individual tests can be run like
-
yarn installto install dependencies. -
To watch file changes in development
- Chrome
yarn run dev:chrome
- Firefox
yarn run dev:firefox
- Opera
yarn run dev:opera
- Chrome
-
Load extension in browser
- Go to the browser address bar and type
chrome://extensions - Check the
Developer Modebutton to enable it. - Click on the
Load Unpacked Extension…button. - Select the relevant chrome directory in
extension/.
- Load the Add-on via
about:debuggingas temporary Add-on. - Choose the
manifest.jsonfile in the extracted directory
- Go to the browser address bar and type
edge://extensions - Check the
Developer Modebutton to enable it. - Click on the
Load Unpacked Extension…button. - Select the relevant chrome directory in
extension/.
- Load the extension via
opera:extensions - Check the
Developer Modeand load as unpacked from extension’s extracted directory.
yarn run buildbuilds the extension for all the browsers toextension/BROWSERdirectory respectively.
- Shared Eslint & Prettier Configuration -
@abhijithvijayan/eslint-config - Shared TypeScript Configuration -
@abhijithvijayan/tsconfig
Individual dependencies can be updated using yarn upgrade <package_name>
To update package.json use npx syncyarnlock --save --keepPrefix
All of the ZAP specific code is licensed under ApacheV2 © The ZAP Core Team
The Web Extension Starter is licensed under MIT © Abhijith Vijayan