I want to perform a scan using ZAP tool and generate report using CI pipeline. The .Net Web API accepts requests and returns responses in XML format. The API works fine.
Whenever I run the ZAP tool I get the following error saying that content type application/xml is not supported:
Job openapi target: xxx error: Not generating request body for operation null, the content type application/xml is not supported.
It's really hard to believe that the tool doesn't support requests in XML format, however I couldn't find any information on the supported formats in ZAP's documentation.
I've used the same configuration for the API that handles requests in JSON format and the tool worked just fine.
ZAP does in general support XML requests. In this specific case it looks like you are trying to import an OpenAPI definition which includes XML data. Theres an open issue for this: https://github.com/zaproxy/zaproxy/issues/6767 Feel free to +1 it or add a comment..