dynamicincludeexclude.do

Veracode APIs

The dynamicincludeexclude.do call configures a DynamicDS scan request to include and exclude specified URLs. Call the API once for each URL you want to include or exclude.

Before using this API, Veracode strongly recommends that you read API Usage and Access Guidelines.

Resource URL

https://analysiscenter.veracode.com/api/5.0/dynamicincludeexclude.do

Permissions

You need the Upload and Scan API role to use this call.

Parameters

Name Type Description
app_id

Required

Integer Application ID.
url

Required

String URL you want to include in or exclude from the scan.
is_exclude Boolean If true, excludes the specified URL from the scan. If false, includes the URL in the scan. Default is false.
https_http_inclusion Boolean If true, applies the call settings to both the HTTP and HTTPS versions of the URL. If false, only applies the call settings to the supplied URL. Default is false.
directory_restriction_policy String Values include:
  • dir_only Exclude a directory path. Ensure the last character of the url parameter value is a slash.
  • dir_and_sub Exclude a directory path, including its subdirectories. Ensure the last character of the url parameter value is a slash.
  • no_restrict Include the entire website.
  • file Exclude a filepath. Ensure there is no slash after the filename in the url parameter value.

Default is dir_only.

HTTPie Example

Examples use the HTTPie command-line tool. See Using HTTPie with the Python Authentication Library.

http --auth-type=veracode_hmac "https://analysiscenter.veracode.com/api/5.0/dynamicincludeexclude.do" "app_id==<app id>" "url==http://www.example.com/archives/" "is_exclude==true" "https_http_inclusion==true" "directory_restriction_policy==dir_only"

HTTPie Results

The dynamicincludeexclude.do call returns the dynamic_scan_info XML document, which references the dynamicscaninfo.xsd schema file. You can use the XSD schema file to validate the XML data. See the dynamicscaninfo.xsd schema documentation.

<?xml version="1.0" encoding="UTF-8"?>

<dynamic_scan_info xmlns:xsi="http&#x3a;&#x2f;&#x2f;www.w3.org&#x2f;2001&#x2f;XMLSchema-instance" 
         xmlns="https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;schema&#x2f;4.0&#x2f;dynamicscaninfo" 
         xsi:schemaLocation="https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;schema&#x2f;4.0&#x2f;dynamicscaninfo 
         https&#x3a;&#x2f;&#x2f;analysiscenter.veracode.com&#x2f;resource&#x2f;4.0&#x2f;dynamicscaninfo.xsd" 
         account_id="<account id>" app_id="<app id>" scan_id="5097076" error_message="">
   <dynamic_scan scan_id="5097076" scan_name="Test DynamicDS Scan" scan_status="Incomplete" target_url="http&#x3a;&#x2f;&#x2f;www.example.com&#x2f;" 
         directory_restriction_policy="true" https_http_inclusion="true">
      <contact_information first_name="Joan" last_name="Smythe" telephone="123-456-7890" email="jsmythe&#x40;example.com"/>
      <allowed_hosts>
         <allowed_host host="http&#x3a;&#x2f;&#x2f;www.example.com&#x2f;" directory_restriction_policy="dir_and_sub" https_http_inclusion="true"/>
      </allowed_hosts>
      <exclude_urls>
         <exclude_url host="http&#x3a;&#x2f;&#x2f;www.example.com&#x2f;archives&#x2f;" directory_restriction_policy="dir_only"  
            https_http_inclusion="true"/>
      </exclude_urls>
   </dynamic_scan>
</dynamic_scan_info>