Verifying site coverage performed during an automatic explore

Posted 2010-08-09 16:00:35 / Category: IBM Appscan Security Scan

Technote (FAQ)
 
Question
When viewing the results of an automatic explore in IBM Rational AppScan Standard, what options can be used to determine if complete coverage of the site being explored was obtained?
 
Answer

The Rational AppScan Standard product provides users with several indications of the areas and parts of the web application that were covered during a scan.

Application Tree

The Application Tree (in the Rational AppScan Standard user interface) is a graphical representation of the areas that were discovered and explored by Rational AppScan Standard. Users can validate that the whole application was covered by viewing this tree and making sure that no application segments were left undiscovered. Because the tree can only show what the explore actually found, this check has to be made against independent knowledge of the application (its menus, site map, or known sections): a section that is absent from the tree was never reached, and nothing in the tree itself will flag that absence.

Application Data

The Application Data view (View > Application Data) is a repository of what was discovered about the application's structure and contents during the explore phase. It contains:

  • Visited URLs: URLs that were visited during the explore phase
  • Script Parameters: Input parameters sent to the application, such as text fields, radio button values, hidden parameters, and link parameters
  • Interactive URLs: Forms which were not automatically submitted and require user interaction to be fully explored
  • Broken Links: Links that Rational AppScan Standard cannot retrieve (either because they are missing, or because the application returned an error during the explore phase)
  • Filtered URLs: URLs that were not explored due to explore filters (for example path exclusions, file type exclusions, or a depth limit)
  • Comments: HTML comments extracted from each page that was discovered during the explore phase
  • JavaScripts: JavaScript code that was extracted from each page that was discovered during the explore phase
  • Cookies: HTTP cookies that were used during the explore phase (set either by a "Set-Cookie" header, or by client-side technologies such as JavaScript)


Both the Application Tree and the Application Data view enable users to easily understand whether Rational AppScan Standard has covered all of the application during the scan. The Interactive URLs and Filtered URLs lists deserve particular attention, since they mark parts of the application that the automatic explore reached but did not fully exercise: interactive forms need a manual explore, and filtered URLs need a decision about whether the exclusion was intended.
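The comparison described above can be done mechanically once the lists are out of the tool. The following Python script is an added example, not part of the original technote and not AppScan's own code: it assumes the Visited, Interactive and Filtered URL lists have been copied out of the Application Data view as one URL per line, and that an independent inventory of the application's paths (for example from a sitemap or the web server's access log) is available. All URLs below are constructed sample data, and URLs are reduced to their path so that coverage is measured per page rather than per parameter value.

```python
"""Coverage check for an automatic explore.

Compare the paths the scanner actually visited against an independent
inventory of the application and classify every inventory path as covered,
needing manual exploration, excluded by scan configuration, or missing.
"""
from urllib.parse import urlsplit

# Constructed sample data (not output from a real scan). The three AppScan
# lists are assumed to have been copied out of the Application Data view.
VISITED_URLS = """\
https://app.example.com/
https://app.example.com/login.jsp
https://app.example.com/account/profile.jsp?id=42
https://app.example.com/account/profile.jsp?id=43
https://app.example.com/search.jsp?q=test
"""

INTERACTIVE_URLS = """\
https://app.example.com/account/transfer.jsp
"""

FILTERED_URLS = """\
https://app.example.com/admin/
"""

# Independent inventory of the application, e.g. distinct paths taken from a
# sitemap or from the server's access log (constructed here).
SITE_INVENTORY = """\
/
/login.jsp
/account/profile.jsp
/account/transfer.jsp
/account/statement.jsp
/admin/
/search.jsp
/help/faq.html
"""


def normalize(url):
    """Reduce a URL or path to its path component only.

    Scheme, host, query string and fragment are dropped: the question is
    whether a page was reached at all, not which parameter values were sent.
    """
    parts = urlsplit(url.strip())
    return parts.path or "/"


def parse_list(text):
    """Turn a one-URL-per-line dump into a set of normalized paths."""
    return {normalize(line) for line in text.splitlines() if line.strip()}


def coverage_report(visited, interactive, filtered, inventory):
    """Classify every inventory path by what the explore did with it.

    covered:      visited by the automatic explore
    needs_manual: listed as interactive (form not auto-submitted), never visited
    excluded:     listed as filtered by scan configuration, never visited
    missing:      the scanner never saw it at all -> a real coverage gap
    """
    covered = inventory & visited
    needs_manual = inventory & (interactive - visited)
    excluded = inventory & (filtered - visited)
    missing = inventory - visited - interactive - filtered
    return {
        "covered": covered,
        "needs_manual": needs_manual,
        "excluded": excluded,
        "missing": missing,
    }


def coverage_ratio(report):
    """Fraction of inventory paths the automatic explore actually visited."""
    total = sum(len(paths) for paths in report.values())
    return len(report["covered"]) / total if total else 0.0


def run_sample():
    """Build the report from the constructed sample lists."""
    return coverage_report(
        parse_list(VISITED_URLS),
        parse_list(INTERACTIVE_URLS),
        parse_list(FILTERED_URLS),
        parse_list(SITE_INVENTORY),
    )


if __name__ == "__main__":
    report = run_sample()
    for category, paths in report.items():
        print(f"{category}:")
        for path in sorted(paths):
            print(f"  {path}")
    print(f"coverage: {coverage_ratio(report):.0%}")
```

The "missing" set is the one that matters most: those pages are not in any of the scanner's own lists, so neither the Application Tree nor the Application Data view would hint that they exist. Paths that only appear in server logs because of server-side behaviour (redirect targets, error handlers) will also show up there and need to be triaged by hand.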
