When you add a target, Probely will only scan pages under that target, i.e., it will not scan any pages from a different hostname.
This approach works well in many web apps but can present challenges in, for example, Single-Page Applications (SPAs), in which the front-end is largely built in JavaScript and the server-side functionality is invoked via an API. APIs are usually hosted under a different subdomain, such as api.example.com, while the front-end resides on app.example.com. In some cases, the API can even be an entirely separate domain.
If Probely only scans pages under the front-end’s domain, it might miss critical security tests in the API that drives much of the app’s functionality. To solve this, you can add extra hosts to your targets, which includes the API’s subdomain or domain in the scanning scope.
Probely follows and scans any XMLHttpRequest made to a hostname listed in the extra hosts: the request is regarded as in the scanning scope, and the API’s response is also analyzed.
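To make the scope rule above concrete, here is a small added illustration (not Probely’s code, and not how Probely is implemented internally): it applies the rule the article states, that a request is in scope only when its hostname exactly matches the target or one of the extra hosts, to a constructed list of requests a crawler might observe on an SPA, and it also checks that a candidate extra host sits under a verified domain. The hostnames, the `VERIFIED_DOMAINS` list and all function names are assumptions made for the example.

```python
from urllib.parse import urlsplit

# Constructed example data; the hostnames are illustrative, not from any real deployment.
TARGET_HOST = "app.example.com"
VERIFIED_DOMAINS = ["example.com"]  # assumed: domains whose ownership has been verified


def hostname_of(url: str) -> str:
    """Return the lowercase hostname of a URL (port stripped), or "" if it has none."""
    host = urlsplit(url).hostname
    return host.lower() if host else ""


def is_under_domain(hostname: str, domain: str) -> bool:
    """True if hostname equals domain or is a subdomain of it.

    The label boundary is respected, so 'notexample.com' is NOT under 'example.com'
    and 'example.com.evil.test' is not either.
    """
    hostname = hostname.lower().rstrip(".")
    domain = domain.lower().rstrip(".")
    return hostname == domain or hostname.endswith("." + domain)


def validate_extra_host(extra_host: str, verified_domains) -> bool:
    """An extra host is acceptable only if it sits under a verified domain."""
    return any(is_under_domain(extra_host, d) for d in verified_domains)


def in_scope(url: str, target_host: str, extra_hosts=()) -> bool:
    """Scope rule as described in the article: exact hostname match against the
    target or against one of the extra hosts; any other hostname is out of scope."""
    host = hostname_of(url)
    if not host:
        return False
    allowed = {target_host.lower(), *(h.lower() for h in extra_hosts)}
    return host in allowed


def classify_requests(urls, target_host, extra_hosts=()):
    """Split observed request URLs (e.g., XHR calls seen while crawling) into the
    ones the scanner would follow and the ones it would skip."""
    followed = [u for u in urls if in_scope(u, target_host, extra_hosts)]
    skipped = [u for u in urls if not in_scope(u, target_host, extra_hosts)]
    return followed, skipped


# Constructed sample of requests a crawler might observe on the SPA front-end.
OBSERVED = [
    "https://app.example.com/dashboard",
    "https://app.example.com/static/app.js",
    "https://api.example.com/v1/users",
    "https://api.example.com/v1/orders?page=2",
    "https://cdn.thirdparty.example/lib.js",
]

if __name__ == "__main__":
    _, skipped_without = classify_requests(OBSERVED, TARGET_HOST)
    _, skipped_with = classify_requests(OBSERVED, TARGET_HOST, ["api.example.com"])
    print("Without extra hosts, skipped:", skipped_without)
    print("With api.example.com as an extra host, skipped:", skipped_with)
    print("api.example.com under a verified domain?",
          validate_extra_host("api.example.com", VERIFIED_DOMAINS))
    print("api.notexample.com under a verified domain?",
          validate_extra_host("api.notexample.com", VERIFIED_DOMAINS))
```

Run as-is, the first print shows both `api.example.com` requests being skipped; once the API hostname is an extra host, only the third-party CDN request remains out of scope. The domain check deliberately compares on label boundaries rather than with a plain suffix match, which is the usual mistake when validating "is this host under my domain".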
How to add an Extra Host
Add an Extra Host to your target by following these steps:
In the Probely app, go to the TARGETS tab.
Find the target in the list and click on the cogwheel to edit its settings.
Go to the EXTRA HOSTS tab.
In the Extra Hosts section, type in your API's hostname and click ADD.
After adding an extra host, make sure its hostname is under a verified domain. You can learn more about this in the article "Why do we require you to verify the ownership of a domain".
By including the API’s hostname as an extra host, Probely ensures that requests to the API are captured and analyzed along with the front-end, allowing the scanner to identify potential vulnerabilities in your server-side API endpoints.
By scanning both the front-end and its associated APIs, you gain a complete picture of your web app’s security posture.