Add support for template variables

[m0sth8]

I suppose it will be useful if we add support for template variables in such cases:

The line

Arachni has flagged this not as a vulnerability, but as a ...

is converted to

{{SCANNER}} has flagged this not as a vulnerability, but as a ...

What do you think?

[andresriancho]

👍

Andres @ Android
El mar 28, 2015 1:14 p.m., "Slava" notifications@github.com escribió:

I suppose it will be useful if we add support for template variables in
such cases:

The line

Arachni has flagged this not as a vulnerability, but as a ...

is converted to

{{SCANNER}} has flagged this not as a vulnerability, but as a ...

What do you think?

—
Reply to this email directly or view it on GitHub
#11.

[andresriancho]

While we code the template+generic stuff I just replaced "Arachni" with "The tool" in all files.
f3da384

[andresriancho]

I believe we should add more thinking to this issue before we act on it, adding the template variables might not be the best thing to do since it makes the SDKs more complex and the DB difficult to write.

We might simply ask the DB entries to be generic and that's it. Instead of FooTool was able to detect that sending request X generated Y error we can have database entries with The tool was able to detect that sending request X generated Y error, or even better so it can be used in an environment without tools: It was possible to detect that sending request X generated Y error

[andresriancho]

@m0sth8 , @Zapotek let me know what you guys think and I'll change the JSON files accordingly (manual changes are required, but I don't mind)

[Zapotek]

I think we should remove everything that follows Arachni (or The tool) from the descriptions as these things are relevant to the specific way the tool identified the issue, rather than data about the issue itself.

Tools can append that stuff to the descriptions if they so choose and provide much better context too.

Just my 2c.