id: webpack-sourcemap-disclosure info: name: Webpack Sourcemap Disclosure author: dhiyaneshDk severity: info tags: exposure,files metadata: max-request: 2 http: - method: GET path: - "{{BaseURL}}" - "{{RootURL}}/{{Path}}/{{map}}.js.map" matchers-condition: and matchers: - type: word words: - '"version":' - '"file":' - '"sources":' condition: and - type: status status: - 200 extractors: - type: regex internal: true name: map group: 1 regex: - "sourceMappingURL=([a-z-~0-9.]+).js.map"