Can session exclusion be done through Site View in WebInspect
I am using WebInspect 10.40. While conducting a scan, I saw the check boxes in the site view. While the scan is going on and I untick a checkbox, a pop up says - To disable a session, the scan must be paused.
My query is
1. Does that mean I can restrict the scan scope using the site view ?
2. Also, if I want to exclude a page/functionality, can it be done through site view ? Does it work as an alternative to session exclusion option present in scan setting ?
Yes and no. When you Pause the scan and deselect a node in the Site Tree view, you are excluding that session from WebInspect's further study. However, this does not affect the sub-versions of that session (alternate parameters) which may already be listed in the Site Tree, nor the sub-folder sand pages under that session, unless you right-click and use the Deselect Children option. This can help you pare down the scan scope a little, but it is not efficient and a bit sloppy. the better method is to define your Session Exclusions before launching the scan, or as you trigger a Rescan. The reason the manual process is sloppy is that WebInspect is faster than you, and it has already wasted time Crawling the sections that you have decided need to be omitted. I would instead Pause the scan, view the Current Scan Settings, "Save As" a saved scan template, then edit that saved settings template, and finally start a fresh scan using the new set of settings. If the exclusion is quick and easy to define, you could do the same by triggering Rescan and then editing the Settings in the middle of the Scan Wizard.
-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify