OWASP ZAP versions

Security tools to find security vulnerabilities in your web applications
2.5
Jun 7, 2016
2.4
Apr 16, 2015
2.3
Apr 10, 2014
2.2
Sep 12, 2013
2.1
Apr 23, 2013
2.0
Jan 31, 2013
1.4
Apr 15, 2012
Sep 30, 2013
1.3
Jul 7, 2011
1.2
Feb 25, 2011

What's new

v2.4 [Apr 16, 2015]
Enhancements:
Issue 1576 : Define URL path elements as 'non structural'
Issue 1711 : Feature request: Option to specify number of tokens to be generated.
Issue 1768 : Update to use a more recent user-agent
Issue 1894 : ZAP only scans "User-Agent", "Referer", and "Host" request headers
Issue 1911 : Search AJAX spider requests
Issue 1913 : Pass all params across to zap.sh - debian package
Issue 1914 : Multiple add-on directories
Issue 1920 : Report the host:port ZAP is listening on in daemon mode, or exit if it can't
Issue 1927 : Enhancement: Break only for in-scope URLs.
Issue 1944 : Chart responses per second in ascan progress
Issue 1953 : Allow to spider a context through the ZAP API
Issue 1962 : Install and update add-ons from the command line
Issue 1975 : RC4-SHA SSL cipher suite not supported
Issue 1980 : Add ZAP CLI to Docker images
Issue 1985 : Bring up the Modify dialog if the user double-clicks on a row in an AbstractMultipleOptionsBaseTablePanel
Issue 2009 : Add Online links to the FAQ and Newsletter pages
Issue 2084 : Warn users if they are probably using out of date versions
Issue 2086 : Report request counts per plugin
Issue 2088 : Support an 'update all' button for installing all updated add-ons
Issue 2094 : Support a '-addoninstallall' command line option
Issue 2102 : Allow ajax spider options to be set via the API
Bug fixes:
Issue 1070 : Breaking on custom URL with query parameters does not work.
Issue 1555 : SAXParseException while generating the report
Issue 1617 : ZAP 2.4.0 throws HeadlessExceptions when running in daemon mode on headless machine
Issue 1877 : fix path to .ZAP_JVM.properties in zap.sh
Issue 1893 : Regression: Can't disable and enable specific scanners through the API
Issue 1910 : API does not return content in the expected encoding, on errors
Issue 1917 : Request and Response tabs don't scale the text
Issue 1939 : Scripts - Save Button Enablement Issue
Issue 1949 : Script with missing type prevents scripts and templates from being loaded
Issue 1950 : Connection closed without response, with an Authentication script with errors
Issue 1951 : Exception when trying to add users before loading an authentication script
Issue 1960 : Active Scan dialogue might use outdated scan policy
Issue 1969 : Issues with installation of scanners
Issue 1970 : Installed add-on dependencies might not be taken into account when installing add-ons
Issue 1973 : Returned HAR/list does not contain correct redirection messages
Issue 1981 : Spider might not report the correct number of URIs found
Issue 2005 : Active scanning incorrectly performed on sibling nodes
Issue 2044 : Issues in Hirschberg's algorithm implementation
Issue 2045 : Don't copy old configs if -dir option used
Issue 2052 : Authentication changes done through the API not saved to session
