Skip to content

Commit

Permalink
#903 XSSI wording improvements++
Browse files Browse the repository at this point in the history 
46dba30#commitcomment-135886577
  • Loading branch information
@elarlang
elarlang authored Dec 29, 2023
1 parent 46dba30 commit 26b4f07
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion 5.0/en/0x50-V50-Web-Frontend-Security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ The category should contain requirements with ideas:
| # | Description | L1 | L2 | L3 | CWE |
| :---: | :--- | :---: | :---: | :---: | :---: |
| **50.4.1** | [ADDED] Verify that JSONP functionality is not enabled anywhere across the application to avoid Cross-Site Script Inclusion (XSSI) attacks. |||| |
| **50.4.2** | [ADDED] Verify that data that should require authorization to access is not returned in script resource responses, such as JavaScript files, to avoid Cross-Site Script Inclusion (XSSI) attacks. |||| |
| **50.4.2** | [ADDED] Verify that data requiring authorization is not included in script resource responses, like JavaScript files, to prevent Cross-Site Script Inclusion (XSSI) attacks. |||| |

## V50.5 Unintended Content Interpretation

Expand Down

0 comments on commit 26b4f07

Please sign in to comment.