Merge branch 'djadmin-master-patch-27312' into 'master'

Document On-demand Scans Authentication options See merge request gitlab-org/gitlab!59169

Merge branch 'djadmin-master-patch-27312' into 'master'
Document On-demand Scans Authentication options See merge request gitlab-org/gitlab!59169
872fee1e · Nick Thomas · 98794f0b · afaa21cc · 872fee1e · 872fee1e
Commit 872fee1e authored Apr 14, 2021 by Nick Thomas
3 changed files
--- a/doc/user/application_security/dast/index.md
+++ b/doc/user/application_security/dast/index.md
@@ -940,6 +940,14 @@ A site profile contains the following:

 - **Profile name**: A name you assign to the site to be scanned.
 - **Target URL**: The URL that DAST runs against.
+- **Excluded URLs**: A comma-separated list of URLs to exclude from the scan.
+- **Request headers**: A comma-separated list of HTTP request headers, including names and values. These headers are added to every request made by DAST.
+- **Authentication**:  
+  - **Authenticated URL**: The URL of the page containing the sign-in HTML form on the target website. The username and password are submitted with the login form to create an authenticated scan. 
+  - **Username**: The username used to authenticate to the website.
+  - **Password**: The password used to authenticate to the website.
+  - **Username form field**: The name of username field at the sign-in HTML form. 
+  - **Password form field**: The name of password field at the sign-in HTML form. 

 #### Site profile validation


--- a/ee/app/assets/javascripts/security_configuration/dast_site_profiles_form/components/dast_site_profile_form.vue
+++ b/ee/app/assets/javascripts/security_configuration/dast_site_profiles_form/components/dast_site_profile_form.vue
@@ -123,9 +123,7 @@ export default {
        excludedUrls: {
          label: s__('DastProfiles|Excluded URLs (Optional)'),
          description: s__('DastProfiles|Enter URLs in a comma-separated list.'),
-          tooltip: s__(
-            'DastProfiles|URLs to skip during the authenticated scan. Use regular expression syntax to match multiple URLs.',
-          ),
+          tooltip: s__('DastProfiles|URLs to skip during the authenticated scan.'),
          placeholder: 'https://example.com/logout, https://example.com/send_mail',
        },
        requestHeaders: {

--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -10136,7 +10136,7 @@ msgstr ""
 msgid "DastProfiles|URL"
 msgstr ""

-msgid "DastProfiles|URLs to skip during the authenticated scan. Use regular expression syntax to match multiple URLs."
+msgid "DastProfiles|URLs to skip during the authenticated scan."
 msgstr ""

 msgid "DastProfiles|Username"