Merge branch '439666-improve-dast-paths-docs' into 'master'

Document that DAST_PATHS limits the scan and is not additive See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/143436 Merged-by: Russell Dickenson <rdickenson@gitlab.com> Approved-by: Cameron Swords <cswords@gitlab.com> Approved-by: Russell Dickenson <rdickenson@gitlab.com> Co-authored-by: Michael Eddington <meddington@gitlab.com>

Merge branch '439666-improve-dast-paths-docs' into 'master'
75f6a617 · Russell Dickenson · GitLab · 693bc6f4 · 751e213d · 75f6a617
--- a/doc/user/application_security/dast/browser/configuration/variables.md
+++ b/doc/user/application_security/dast/browser/configuration/variables.md
@@ -60,8 +60,8 @@ For authentication CI/CD variables, see [Authentication](authentication.md).
 | `DAST_FULL_SCAN_ENABLED`                    | boolean                                                  | `true`                                 | Set to `true` to run both passive and active checks. Default: `false`                                                                                                                                                                                                         |
 | `DAST_PASSWORD`                    | string                                    |  | The password to authenticate to in the website. Example: `P@55w0rd!`                                                                                                                                                                                                                            |
 | `DAST_PASSWORD_FIELD`                          | [selector](authentication.md#finding-an-elements-selector) |  | A selector describing the element used to enter the password on the login form. Example: `id:password`                                                                                                                                                                                      |
-| `DAST_PATHS`                                | string                                                   | `/page1.html,/category1/page3.html`    | Set to a comma-separated list of URL paths relative to `DAST_WEBSITE` for DAST to scan.                                                                                                                                                                                       |
-| `DAST_PATHS_FILE`                           | string                                                   | `/builds/project/urls.txt`             | Set to a file path containing a list of URL paths relative to `DAST_WEBSITE` for DAST to scan. The file must be plain text with one path per line.                                                                                                                            |
+| `DAST_PATHS`                                | string                                                   | `/page1.html,/category1/page3.html`    | Limit the paths scanned to a provided list. Set to a comma-separated list of URL paths relative to `DAST_WEBSITE`.                                                                                                                                                                                       |
+| `DAST_PATHS_FILE`                           | string                                                   | `/builds/project/urls.txt`             | Limit the paths scanned to a provided list. Set to a file path containing a list of URL paths relative to `DAST_WEBSITE`. The file must be plain text with one path per line.                                                                                                                            |
 | `DAST_PKCS12_CERTIFICATE_BASE64`            | string                                                   | `ZGZkZ2p5NGd...`                       | The PKCS12 certificate used for sites that require Mutual TLS. Must be encoded as base64 text.                                                                                                                                                                                |
 | `DAST_PKCS12_PASSWORD`                      | string                                                   | `password`                             | The password of the certificate used in `DAST_PKCS12_CERTIFICATE_BASE64`. Create sensitive [custom CI/CI variables](../../../../../ci/variables/index.md#define-a-cicd-variable-in-the-ui) using the GitLab UI.                                                                     |
 | `DAST_REQUEST_HEADERS`                      | string                                                   | `Cache-control:no-cache`               | Set to a comma-separated list of request header names and values.                                                                                                                                                                                                             |