Add Number of Browsers and Scope check to the client spider API

Author: tenaz3

addOns/client/CHANGELOG.md

@@ -7,6 +7,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 ### Added
 - Edge recorder link to help.
 - Support for stopping the spiderCient automation job.
+- Optional `numberOfBrowsers` parameter for the Client Spider API action `scan` to control concurrency (number of browser windows).
+- Optional `scopeCheck` parameter for the Client Spider API action `scan` to select Scope Check (Flexible or Strict).
 
 ### Changed
 - Updated Chrome and Firefox extensions to v0.1.5.

addOns/client/src/main/java/org/zaproxy/addon/client/spider/ClientSpiderApi.java

@@ -63,6 +63,8 @@ public class ClientSpiderApi extends ApiImplementor {
     private static final String PARAM_USER_NAME = "userName";
     private static final String PARAM_MAX_CRAWL_DEPTH = "maxCrawlDepth";
     private static final String PARAM_PAGE_LOAD_TIME = "pageLoadTime";
+    private static final String PARAM_NUMBER_OF_BROWSERS = "numberOfBrowsers";
+    private static final String PARAM_SCOPE_CHECK = "scopeCheck";
 
     private final ExtensionClientIntegration extension;
 
@@ -84,7 +86,9 @@ public ClientSpiderApi(ExtensionClientIntegration extension) {
                                 PARAM_USER_NAME,
                                 PARAM_SUBTREE_ONLY,
                                 PARAM_MAX_CRAWL_DEPTH,
-                                PARAM_PAGE_LOAD_TIME)));
+                                PARAM_PAGE_LOAD_TIME,
+                                PARAM_NUMBER_OF_BROWSERS,
+                                PARAM_SCOPE_CHECK)));
 
         addApiAction(new ApiAction(ACTION_STOP_SCAN, List.of(PARAM_SCAN_ID)));
 
@@ -152,6 +156,12 @@ private ApiResponse startScan(String name, JSONObject params) throws ApiExceptio
         if (params.containsKey(PARAM_PAGE_LOAD_TIME)) {
             options.setPageLoadTimeInSecs(ApiUtils.getIntParam(params, PARAM_PAGE_LOAD_TIME));
         }
+        if (params.containsKey(PARAM_NUMBER_OF_BROWSERS)) {
+            options.setThreadCount(ApiUtils.getIntParam(params, PARAM_NUMBER_OF_BROWSERS));
+        }
+        if (params.containsKey(PARAM_SCOPE_CHECK)) {
+            options.setScopeCheck(params.getString(PARAM_SCOPE_CHECK));
+        }
 
         User user = getUser(params, context);
 

addOns/client/src/main/resources/org/zaproxy/addon/client/resources/Messages.properties

@@ -31,7 +31,9 @@ client.clientSpider.api.action.scan = Starts a client spider scan.
 client.clientSpider.api.action.scan.param.browser = The ID of the browser. See Selenium documentation for valid IDs.
 client.clientSpider.api.action.scan.param.contextName = The name of the context.
 client.clientSpider.api.action.scan.param.maxCrawlDepth = Maximum Crawl Depth (0 is unlimited).
+client.clientSpider.api.action.scan.param.numberOfBrowsers = Number of Browser Windows to Open (concurrency).
 client.clientSpider.api.action.scan.param.pageLoadTime = Page Load Time (seconds).
+client.clientSpider.api.action.scan.param.scopeCheck = Scope Check (FLEXIBLE or STRICT).
 client.clientSpider.api.action.scan.param.subtreeOnly = true to spider only under the subtree, false otherwise.
 client.clientSpider.api.action.scan.param.url = The URL from where to start the spider.
 client.clientSpider.api.action.scan.param.userName = The name of the user.