Update copy for API Security in DAST

This include small copy changes in the
DAST Site Profile to support API security

Changelog: changed

ee/app/assets/javascripts/on_demand_scans_form/components/profile_selector/site_profile_summary.vue

@@ -9,17 +9,6 @@ import ProfileSelectorSummaryCell from './summary_cell.vue';
 
 export default {
   name: 'DastSiteProfileSummary',
-  i18n: {
-    targetUrl: s__('DastProfiles|Target URL'),
-    targetType: s__('DastProfiles|Site type'),
-    authUrl: s__('DastProfiles|Authentication URL'),
-    username: s__('DastProfiles|Username'),
-    password: s__('DastProfiles|Password'),
-    usernameField: s__('DastProfiles|Username form field'),
-    passwordField: s__('DastProfiles|Password form field'),
-    excludedUrls: s__('DastProfiles|Excluded URLs'),
-    requestHeaders: s__('DastProfiles|Request headers'),
-  },
   components: {
     ProfileSelectorSummaryCell,
   },
@@ -35,6 +24,23 @@ export default {
     },
   },
   computed: {
+    i18n() {
+      return {
+        targetUrl: this.isTargetAPI
+          ? s__('DastProfiles|API endpoint URL')
+          : s__('DastProfiles|Target URL'),
+        targetType: s__('DastProfiles|Site type'),
+        authUrl: s__('DastProfiles|Authentication URL'),
+        username: s__('DastProfiles|Username'),
+        password: s__('DastProfiles|Password'),
+        usernameField: s__('DastProfiles|Username form field'),
+        passwordField: s__('DastProfiles|Password form field'),
+        excludedUrls: this.isTargetAPI
+          ? s__('DastProfiles|Excluded paths')
+          : s__('DastProfiles|Excluded URLs'),
+        requestHeaders: s__('DastProfiles|Request headers'),
+      };
+    },
     hasExcludedUrls() {
       return this.profile.excludedUrls?.length > 0;
     },
@@ -46,6 +52,9 @@ export default {
     targetTypeValue() {
       return TARGET_TYPES[this.profile.targetType].text;
     },
+    isTargetAPI() {
+      return this.profile.targetType === TARGET_TYPES.API.value;
+    },
     isProfileValidated() {
       return this.profile.validationStatus === DAST_SITE_VALIDATION_STATUS.PASSED
         ? s__('DastProfiles|Validated')
@@ -61,40 +70,34 @@ export default {
     <div class="row">
       <profile-selector-summary-cell
         :class="{ 'gl-text-red-500': hasConflict }"
-        :label="$options.i18n.targetUrl"
+        :label="i18n.targetUrl"
         :value="profile.targetUrl"
       />
-      <profile-selector-summary-cell :label="$options.i18n.targetType" :value="targetTypeValue" />
+      <profile-selector-summary-cell :label="i18n.targetType" :value="targetTypeValue" />
     </div>
     <template v-if="profile.auth.enabled">
       <div class="row">
-        <profile-selector-summary-cell :label="$options.i18n.authUrl" :value="profile.auth.url" />
+        <profile-selector-summary-cell :label="i18n.authUrl" :value="profile.auth.url" />
       </div>
       <div class="row">
-        <profile-selector-summary-cell
-          :label="$options.i18n.username"
-          :value="profile.auth.username"
-        />
-        <profile-selector-summary-cell :label="$options.i18n.password" value="••••••••" />
+        <profile-selector-summary-cell :label="i18n.username" :value="profile.auth.username" />
+        <profile-selector-summary-cell :label="i18n.password" value="••••••••" />
       </div>
       <div class="row">
         <profile-selector-summary-cell
-          :label="$options.i18n.usernameField"
+          :label="i18n.usernameField"
           :value="profile.auth.usernameField"
         />
         <profile-selector-summary-cell
-          :label="$options.i18n.passwordField"
+          :label="i18n.passwordField"
           :value="profile.auth.passwordField"
         />
       </div>
     </template>
     <div class="row">
+      <profile-selector-summary-cell :label="i18n.excludedUrls" :value="displayExcludedUrls" />
       <profile-selector-summary-cell
-        :label="$options.i18n.excludedUrls"
-        :value="displayExcludedUrls"
-      />
-      <profile-selector-summary-cell
-        :label="$options.i18n.requestHeaders"
+        :label="i18n.requestHeaders"
         :value="profile.requestHeaders ? __('[Redacted]') : undefined"
       />
     </div>

ee/app/assets/javascripts/security_configuration/dast_profiles/dast_site_profiles/components/dast_site_profile_form.vue

@@ -93,13 +93,15 @@ export default {
           cancelTitle: __('Cancel'),
         },
         excludedUrls: {
-          label: s__('DastProfiles|Excluded URLs (Optional)'),
+          label: this.isTargetAPI
+            ? s__('DastProfiles|Excluded paths (optional)')
+            : s__('DastProfiles|Excluded URLs (optional)'),
           description: s__('DastProfiles|Enter URLs in a comma-separated list.'),
           tooltip: s__('DastProfiles|URLs to skip during the authenticated scan.'),
           placeholder: 'https://example.com/logout, https://example.com/send_mail',
         },
         requestHeaders: {
-          label: s__('DastProfiles|Additional request headers (Optional)'),
+          label: s__('DastProfiles|Additional request headers (optional)'),
           description: s__('DastProfiles|Enter headers in a comma-separated list.'),
           tooltip: s__(
             'DastProfiles|Request header names and values. Headers are added to every request made by DAST.',
@@ -107,6 +109,11 @@ export default {
           // eslint-disable-next-line @gitlab/require-i18n-strings
           placeholder: 'Cache-control: no-cache, User-Agent: DAST/1.0',
         },
+        targetUrl: {
+          label: this.isTargetAPI
+            ? s__('DastProfiles|API endpoint URL')
+            : s__('DastProfiles|Target URL'),
+        },
       };
     },
     parsedExcludedUrls() {
@@ -233,7 +240,7 @@ export default {
       <gl-form-group
         data-testid="target-url-input-group"
         :invalid-feedback="form.fields.targetUrl.feedback"
-        :label="s__('DastProfiles|Target URL')"
+        :label="i18n.targetUrl.label"
       >
         <gl-form-input
           v-model="form.fields.targetUrl.value"
@@ -249,7 +256,7 @@ export default {
 
       <div class="row">
         <gl-form-group
-          :label="s__('DastProfiles|Excluded URLs (Optional)')"
+          :label="i18n.excludedUrls.label"
           :invalid-feedback="form.fields.excludedUrls.feedback"
           class="col-md-6"
         >

ee/app/assets/javascripts/security_configuration/dast_profiles/dast_site_profiles/constants.js

@@ -8,5 +8,5 @@ export const REDACTED_REQUEST_HEADERS = '••••••••';
 
 export const TARGET_TYPES = {
   WEBSITE: { value: 'WEBSITE', text: s__('DastProfiles|Website') },
-  API: { value: 'API', text: s__('DastProfiles|Rest API') },
+  API: { value: 'API', text: s__('DastProfiles|API') },
 };

locale/gitlab.pot

@@ -11010,10 +11010,16 @@ msgstr ""
 msgid "DastProfiles|AJAX spider"
 msgstr ""
 
+msgid "DastProfiles|API"
+msgstr ""
+
+msgid "DastProfiles|API endpoint URL"
+msgstr ""
+
 msgid "DastProfiles|Active"
 msgstr ""
 
-msgid "DastProfiles|Additional request headers (Optional)"
+msgid "DastProfiles|Additional request headers (optional)"
 msgstr ""
 
 msgid "DastProfiles|Are you sure you want to delete this profile?"
@@ -11097,7 +11103,13 @@ msgstr ""
 msgid "DastProfiles|Excluded URLs"
 msgstr ""
 
-msgid "DastProfiles|Excluded URLs (Optional)"
+msgid "DastProfiles|Excluded URLs (optional)"
+msgstr ""
+
+msgid "DastProfiles|Excluded paths"
+msgstr ""
+
+msgid "DastProfiles|Excluded paths (optional)"
 msgstr ""
 
 msgid "DastProfiles|Hide debug messages"
@@ -11154,9 +11166,6 @@ msgstr ""
 msgid "DastProfiles|Request headers"
 msgstr ""
 
-msgid "DastProfiles|Rest API"
-msgstr ""
-
 msgid "DastProfiles|Run the AJAX spider, in addition to the traditional spider, to crawl the target site."
 msgstr ""