Scan settings: Filters

To access this feature, click the Edit menu and select Default Scan Settings or Current Scan Settings. Then, in the Scan Settings category, select Filters.

Use the Filters settings to add search-and-replace rules for HTTP requests and responses. This feature is used most often to avoid the disclosure of sensitive data such as credit card numbers, employee names, or social security numbers. It disguises information that you do not want viewed by people who use OpenText DAST or who have access to the raw data or generated reports.

Options

The Filter options are described in the following table.

Option                          Description
Filter HTTP Request Content     Use this area to specify search-and-replace rules for HTTP requests.
Filter HTTP Response Content    Use this area to specify search-and-replace rules for HTTP responses.

Adding rules for finding and replacing keywords

Follow the steps below to add a regular expression rule for finding or replacing keywords in requests or responses:

  1. In either the Request Content or the Response Content group, click Add.

    The Add Request/Response Data Filter Criteria window opens.

  2. In the Search for text box, type (or paste) the string you want to locate (or enter a regular expression that describes the string).

    Click to insert regular expression notations or to launch the Regular Expression Editor (which facilitates the creation and testing of an expression).

  3. In the Search for text In box, select the section of the request or response you want to search for the filter pattern. The options are:

    • All – Search the entire request or response.

    • Headers – Search each header individually. Some headers, such as Set-Cookie and HTTP Version headers, are not searched.

      Note: To ensure that all headers are searched, select Prefix.

    • Post Data – For requests only, search all of the HTTP message body data.

    • Body – Search all of the HTTP message body data.

    • Prefix – Simultaneously search everything that is in the request or status line, all headers, and the empty line prior to the body.

  4. Type (or paste) the replacement string in the Replace search text with box.

    Click for assistance with regular expressions.

  5. For case-sensitive searches, select the Case sensitive match check box.

  6. Click OK.
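
The section selected in step 3 decides which parts of a message a rule can reach. The following is an added example, not OpenText code: it models the section options described above in Python and reports which lines still expose the value after one masking rule is applied. The sample response, the X-Debug-Card header, and the skip list are constructed assumptions.

```python
import re

# Constructed sample response; the card number is a common test value.
SAMPLE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "X-Debug-Card: 4111-1111-1111-1111\r\n"
    "Set-Cookie: last_card=4111-1111-1111-1111\r\n"
    "\r\n"
    "<p>Card on file: 4111-1111-1111-1111</p>"
)
CARD = r"\b(?:\d{4}-){3}\d{4}\b"
# Assumption: models the page's note that some headers are not searched.
SKIPPED_HEADERS = {"set-cookie"}


def apply_filter(raw, search, replace, section, case_sensitive=False):
    """Apply one search-and-replace rule to the chosen part of a raw message."""
    rx = re.compile(search, 0 if case_sensitive else re.IGNORECASE)
    prefix, sep, body = raw.partition("\r\n\r\n")
    if section == "All":
        return rx.sub(replace, raw)
    if section in ("Body", "Post Data"):
        return prefix + sep + rx.sub(replace, body)
    if section == "Prefix":
        # Start line, every header and the blank line, searched as one string.
        return rx.sub(replace, prefix + sep) + body
    if section == "Headers":
        # Each header is searched on its own; the start line is left alone.
        start, *headers = prefix.split("\r\n")
        out = [start]
        for line in headers:
            name = line.split(":", 1)[0].strip().lower()
            out.append(line if name in SKIPPED_HEADERS else rx.sub(replace, line))
        return "\r\n".join(out) + sep + body
    raise ValueError(f"unknown section: {section}")


def leaks(raw, search=CARD):
    """Return the lines that still match the sensitive pattern after filtering."""
    return [ln for ln in raw.split("\r\n") if re.search(search, ln)]
```

Calling `leaks()` on the output of each section shows that a rule scoped to Headers leaves the Set-Cookie value and the body untouched, which is why a masking rule should be checked against a captured message before the filtered data is shared.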
