Merge pull request #6076 from psiinon/client/spiderhelp2

Client: Spider help tweaks

addOns/client/src/main/javahelp/org/zaproxy/addon/client/resources/help/contents/ajax-scan.html

@@ -8,6 +8,12 @@
 <BODY>
 <H1>Client Side Integration - AJAX Spider Enhancement</H1>
 
+This add-on now adds a <a href="spider.html">Client Spider</a> which is designed to explore modern web apps more effectively.
+You are recommended to try this out as it is likely to be more effective that the AJAX Spider Enhancement detailed here.
+<p>
+Also note that from ZAP 2.16.0 the AJAX Spider has an option to enable browser extensions, and that option is turned off by default.
+You will need to turn it on in order for this integration to work.
+<p>
 The AJAX Spider works by launching browsers, clicking links, and filling in fields.
 It is an effective way to crawl modern web apps but it is not able to directly access the DOM.
 <p>
@@ -19,7 +25,6 @@ <H1>Client Side Integration - AJAX Spider Enhancement</H1>
 If it finds any 'missed' URLs that were part of the AJAX Spider scan scope then it makes direct requests to these URLs.
 You will be able to see these requests in the History, Sites Tree, and Output tabs.
 <p>
-This add-on also adds a <a href="spider.html">Client Spider</a> which is designed to explore modern web apps more effectively.
 
 </BODY>
 </HTML>

addOns/client/src/main/javahelp/org/zaproxy/addon/client/resources/help/contents/client.html

@@ -35,7 +35,7 @@ <h2>Passive Scanning</h2>
 
 <h2>User Interface</h2>
 
-The add-on adds 3 new tabs to ZAP:
+The add-on adds 4 new tabs to ZAP:
 
 <h3>Client Map</h3>
 
@@ -160,6 +160,10 @@ <h4>Copy Types</h4>
 
 Copies the Types of the selected entries into the clipboard, separated by newlines.
 
+<h3>Client Spider</h3>
+
+This is detailed in the <a href="spider.html">Client Spider</a> help page.
+
 <h2>AJAX Spider Enhancement</h2>
 
 This add-on provides an <a href="ajax-scan.html">AJAX Spider Enhancement</a> which can detect URLs referenced in the DOM which were not

addOns/client/src/main/javahelp/org/zaproxy/addon/client/resources/help/contents/spider.html

@@ -13,6 +13,9 @@ <H1>Client Side Integration - Client Spider</H1>
 The Client Spider works in a similar way to the AJAX Spider but it has access to the DOM via the ZAP Browser Extension
 which means that it can find content which the AJAX Spider cannot find.
 <p>
+The Client Spider supports all of the authentication options supported by ZAP (including Browser Based Authentication), 
+and will run any enabled Selenium scripts in the browsers that it launches.
+<p>
 While it is still at an early stage we believe it is a more effective approach than the AJAX Spider.
 <br>
 We will be focussing on improving the Client Spider and the current plan is for it to supersede the AJAX Spider
@@ -29,5 +32,24 @@ <H1>Client Side Integration - Client Spider</H1>
 <li>Automation Framework <a href="automation.html">spiderClient</a> job
 </ul>
 
+<h3>Client Spider tab</h3>
+
+The Client Spider tab allows you start and monitor the Client Spider.
+It provides 3 sub tabs:
+
+<h4>Added Nodes</h4>
+
+These are the nodes that have been added to the Client Map.
+
+<h4>Tasks</h4>
+
+These are the tasks that spider uses to crawl the application. 
+The tasks are updated when they are added to the task list, when they start running, and when they complete.
+This allows you to understand what the Client Spider is actually doing much more clearly.
+
+<h4>Messages</h4>
+
+These are the HTTP(S) messages sent from the browsers that the client uses.
+
 </BODY>
 </HTML>