From 231308b5bdafbd1f76c4171d4bd7021087513e00 Mon Sep 17 00:00:00 2001
From: Tetiana Chupryna
Date: Thu, 28 Mar 2019 16:13:00 +0200
Subject: [PATCH 1/2] Improve location fingerprint

Use colon as other parsers do and move path to the first place because it's the most important item
---
 ee/lib/gitlab/ci/parsers/security/dast.rb | 2 +-
 ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/ee/lib/gitlab/ci/parsers/security/dast.rb b/ee/lib/gitlab/ci/parsers/security/dast.rb
index 3d7e4dd27c4510..a71273e5f0ff63 100644
--- a/ee/lib/gitlab/ci/parsers/security/dast.rb
+++ b/ee/lib/gitlab/ci/parsers/security/dast.rb
@@ -46,7 +46,7 @@ def flatten_vulnerabilities(vulnerability, host)
 end
 def generate_location_fingerprint(location)
- Digest::SHA1.hexdigest("#{location['param']} #{location['method']} #{location['path']}")
+ Digest::SHA1.hexdigest("#{location['path']}:#{location['param']}:#{location['method']}")
 end
 end
 end
diff --git a/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb b/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
index 0238ff28cb4da2..319a0c861aaf6a 100644
--- a/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
+++ b/ee/spec/lib/gitlab/ci/parsers/security/dast_spec.rb
@@ -24,8 +24,8 @@
 end
 it 'generates expected location fingerprint' do
- expected1 = Digest::SHA1.hexdigest('X-Content-Type-Options GET ')
- expected2 = Digest::SHA1.hexdigest('X-Content-Type-Options GET /')
+ expected1 = Digest::SHA1.hexdigest(':X-Content-Type-Options:GET')
+ expected2 = Digest::SHA1.hexdigest('/:X-Content-Type-Options:GET')
 expect(report.occurrences.first[:location_fingerprint]).to eq(expected1)
 expect(report.occurrences.last[:location_fingerprint]).to eq(expected2)
-- 
GitLab

From ade2ee047917bb5edc7fbc13087134b9d68c0a35 Mon Sep 17 00:00:00 2001
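Review bot: `generate_location_fingerprint` joins path, param and method with `:` without escaping, so a value that itself contains a colon can make two different locations produce the same input string (constructed example: path `/a:b` with param `c` and path `/a` with param `b:c` both yield `/a:b:c:GET`), and distinct findings would then share one fingerprint. If matching the other parsers' colon format is a requirement, add a comment such as `# NOTE: fields are not escaped; a ':' inside path or param makes the fingerprint ambiguous`; otherwise an unambiguous encoding like `Digest::SHA1.hexdigest(location.values_at('path', 'param', 'method').to_json)` avoids it. The spec hunk in dast_spec.rb only exercises an empty path and `/`, so a case with a colon in one field would pin whichever behaviour is chosen. Separately, every digest changes with this format, so fingerprints stored from earlier reports presumably stop matching; no migration is visible in the patch, which is worth confirming because already-triaged findings could reappear as new.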
From: Tetiana Chupryna
Date: Thu, 28 Mar 2019 16:56:01 +0200
Subject: [PATCH 2/2] Add changelog file

---
 .../unreleased/aling-dast-lf-with-other-parsers.yml | 5 +++++
 1 file changed, 5 insertions(+)
 create mode 100644 ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml

diff --git a/ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml b/ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml
new file mode 100644
index 00000000000000..64cbf5f1dbaa3c
--- /dev/null
+++ b/ee/changelogs/unreleased/aling-dast-lf-with-other-parsers.yml
@@ -0,0 +1,5 @@
+---
+title: Improve DAST location fingerprints
+merge_request: 10487
+author:
+type: changed
-- 
GitLab