Skip to content

Commit

Permalink
50.4.2 XSSI wording improvement++
Browse files Browse the repository at this point in the history 
#903 (comment)
  • Loading branch information
@elarlang @tghosth
elarlang authored and tghosth committed Jan 18, 2024
1 parent 9169b2b commit 502b88c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion 5.0/en/0x50-V50-Web-Frontend-Security.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ The category should contain requirements with ideas:
| # | Description | L1 | L2 | L3 | CWE |
| :---: | :--- | :---: | :---: | :---: | :---: |
| **50.4.1** | [ADDED] Verify that JSONP functionality is not enabled anywhere across the application to avoid Cross-Site Script Inclusion (XSSI) attacks. |||| |
| **50.4.2** | [ADDED] Verify that data which should require authorization to access is not returned in script resource responses to avoid Cross-Site Script Inclusion (XSSI) attacks. |||| |
| **50.4.2** | [ADDED] Verify that data that should require authorization to access is not returned in script resource responses, such as JavaScript files, to avoid Cross-Site Script Inclusion (XSSI) attacks. |||| |

## V50.5 Unintended Content Interpretation

Expand Down

0 comments on commit 502b88c

Please sign in to comment.