IssueLibrary endpoint

GET /pro/api/addons/issuelib/entries

Retrieves all of the IssueLibrary entries from your instance.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  http://dradis-pro.dev/pro/api/addons/issuelib/entries

Result:

[
  {
    "id": 1,
    "title": ".NET assemblies were not obfuscated",
    "fields": {
      "Title": ".NET assemblies were not obfuscated",
      "Description": "The client-side assemblies were found to be strongly-named (which can help against tampering)...",
      "id": 1
    },
    "state": 0,
    "content": "#[Title]#\r\n.NET assemblies were not obfuscated\r\n\r\n\r\n#[Description]#\r\nThe client-side assemblies were found to be strongly-named (which can help against tampering)...",
    "created_at": "2019-03-14T20:35:45.000Z",
    "updated_at": "2019-03-14T20:59:09.000Z"
  },
  {
    "id": 2,
    "title": "SQL injection",
    "fields": {
      "Title": "SQL injection",
      "Description": "Structured Query Language (SQL) is a computer language designed for the retrieval and management of data in relation databases...",
      "id": 2
    },
    "state": 0,
    "content": "#[Title]#\r\nSQL injection\r\n\r\n\r\n#[Description]#\r\nStructured Query Language (SQL) is a computer language designed for the retrieval and management of data in relation databases...",
    "created_at": "2019-03-14T20:59:29.000Z",
    "updated_at": "2019-03-14T20:59:29.000Z"
  }
]

GET /pro/api/addons/issuelib/entries/:issuelibrary_entry_id

Retrieves a single IssueLibrary entry.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  http://dradis-pro.dev/pro/api/addons/issuelib/entries/2

Result:

{
  "id": 2,
  "title": "SQL injection",
  "fields": {
    "Title": "SQL injection",
    "Description": "Structured Query Language (SQL) is a computer language designed for the retrieval and management of data in relation databases...",
    "id": 2
  },
  "state": 0,
  "content": "#[Title]#\r\nSQL injection\r\n\r\n\r\n#[Description]#\r\nStructured Query Language (SQL) is a computer language designed for the retrieval and management of data in relation databases...",
  "created_at": "2019-03-14T20:59:29.000Z",
  "updated_at": "2019-03-14T20:59:29.000Z"
}
  

POST /pro/api/addons/issuelib/entries

Creates an IssueLibrary entry. The attributes for the IssueLibrary entry must be provided in the POST body as JSON.

HTTP status 201 will be returned if the creation completes successfully, and a Location header will be sent with the response, set to the URL of the newly created resource.

Accepted Parameter Use
entry Pass it the content parameter.
content Pass it the content of the IssueLibrary entry to be created.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Content-type: application/json' \
  -X POST \
  -d '{"entry":{"content": "#[Title]#\r\nDangerous HTTP methods: TRACE\r\n\r\n#[Rating]#\r\nMedium\r\n\r\n#[Description]#\r\nThe TRACE HTTP method is used as a debugging mechanism that allows the client to see what is being received at the other end of the request chain and use that data for testing and diagnostic information."}}' \
  http://dradis-pro.dev/pro/api/addons/issuelib/entries

Result:

{
  "id": 3,
  "title": "Dangerous HTTP methods: TRACE",
  "fields": {
    "Title": "Dangerous HTTP methods: TRACE",
    "Rating": "Medium",
    "Description": "The TRACE HTTP method is used as a debugging mechanism that allows the client to see what is being received at the other end of the request chain and use that data for testing and diagnostic information.",
    "id": 3
  },
  "state": 0,
  "content": "#[Title]#\r\nDangerous HTTP methods: TRACE\r\n\r\n#[Rating]#\r\nMedium\r\n\r\n#[Description]#\r\nThe TRACE HTTP method is used as a debugging mechanism that allows the client to see what is being received at the other end of the request chain and use that data for testing and diagnostic information.",
  "created_at": "2019-03-14T21:10:53.000Z",
  "updated_at": "2019-03-14T21:10:53.000Z"
}
  

PUT /pro/api/addons/issuelib/entries/:issuelibrary_entry_id

Updates a specific IssueLibrary entry. The attributes to be updated must be provided in the body as JSON. Like the POST method, make sure to write out the new content of the IssueLibrary entry using JSON on one line subbing in \r\n to create new lines and creating fields using the #[ ]# syntax. If your content contains any special characters, be sure to escape them using /.

HTTP status 200 will be returned if the update completes successfully.

See POST above for more details on the accepted parameters.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -H 'Content-type: application/json' \
  -X PUT \
  -d '{"entry":{"content": "#[Title]#\r\nDangerous HTTP methods: TRACE\r\n\r\n#[Rating]#\r\nMedium\r\n\r\n#[Description]#\r\nUpdated sample IssueLibrary entry description"}}' \
  http://dradis-pro.dev/pro/api/addons/issuelib/entries/3

Result:

{
  "id": 3,
  "title": "Dangerous HTTP methods: TRACE",
  "fields": {
    "Title": "Dangerous HTTP methods: TRACE",
    "Rating": "Medium",
    "Description": "Updated sample IssueLibrary entry description",
    "id": 3
  },
  "state": 0,
  "content": "#[Title]#\r\nDangerous HTTP methods: TRACE\r\n\r\n#[Rating]#\r\nMedium\r\n\r\n#[Description]#\r\nUpdated sample IssueLibrary entry description",
  "created_at": "2019-03-14T21:10:53.000Z",
  "updated_at": "2019-03-14T21:14:33.000Z"
}
  

DELETE /pro/api/addons/issuelib/entries/:issuelibrary_entry_id

Deletes a specific IssueLibrary entry from your instance. HTTP status 200 will be returned if the deletion completes successfully.

Sample request:

curl \
  -H 'Authorization: Token token="hxMsNwttqN5bVNEYcrIF01s65"' \
  -X DELETE \
  http://dradis-pro.dev/pro/api/addons/issuelib/entries/3

Result:

{
  "message": "Resource deleted successfully"
}

Great job, you reached the end of the guide! Have you read all of them?

Streamline InfoSec Project Delivery

Learn practical tips to reduce the overhead that drags down security assessment delivery with this 5-day course. These proven, innovative, and straightforward techniques will optimize all areas of your next engagement including:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.