
Commit

Deploy the generated website via GitHub Actions
actions-user committed Nov 27, 2024
1 parent 6a930b0 commit 852edbf
Showing 7 changed files with 104 additions and 104 deletions.
2 changes: 1 addition & 1 deletion News.xml

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion README.md
@@ -1 +1 @@
Website last update: 2024-11-25 at 16:56:10.
Website last update: 2024-11-27 at 13:31:07.
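Review bot: the new timestamp "2024-11-27 at 13:31:07" carries no timezone or UTC marker, so readers cannot tell which zone the build ran in; since this line is regenerated on every deploy, having the generator emit an explicit UTC suffix (or an ISO 8601 offset) would make the README's "last update" claim verifiable against the commit date shown on this page.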
Binary file modified bundle.zip
Binary file not shown.
2 changes: 1 addition & 1 deletion cheatsheets/DOM_Clobbering_Prevention_Cheat_Sheet.html
Expand Up @@ -3081,7 +3081,7 @@ <h4 id="sanitizer-api">Sanitizer API<a class="headerlink" href="#sanitizer-api"
</code></pre></div>
<h3 id="2-content-security-policy">#2: Content-Security Policy<a class="headerlink" href="#2-content-security-policy" title="Permanent link">&para;</a></h3>
<p><a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy">Content-Security Policy (CSP)</a> is a set of rules that tell the browser which resources are allowed to be loaded on a web page. By restricting the sources of JavaScript files (e.g., with the <a href="https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/script-src">script-src</a> directive), CSP can prevent malicious code from being injected into the page.</p>
<p><strong>Note:</strong> CSP can only mitigate <strong>some varints</strong> of DOM clobbering attacks, such as when attackers attempt to load new scripts by clobbering script sources, but not when already-present code can be abused for code execution, e.g., clobbering the parameters of code evaluation constructs like <code>eval()</code>.</p>
<p><strong>Note:</strong> CSP can only mitigate <strong>some variants</strong> of DOM clobbering attacks, such as when attackers attempt to load new scripts by clobbering script sources, but not when already-present code can be abused for code execution, e.g., clobbering the parameters of code evaluation constructs like <code>eval()</code>.</p>
<h3 id="3-freezing-sensitive-dom-objects">#3: Freezing Sensitive DOM Objects<a class="headerlink" href="#3-freezing-sensitive-dom-objects" title="Permanent link">&para;</a></h3>
<p>A simple way to mitigate DOM Clobbering against individual objects could be to freeze sensitive DOM objects and their properties, e.g., via <a href="https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Object/freeze">Object.freeze()</a> method.</p>
<p><strong>Note:</strong> Freezing object properties prevents them from being overwritten by named DOM elements. But, determining all objects and object properties that need to be frozen may be not be easy, limiting the usefulness of this approach.</p>
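Review bot: the spelling fix in the CSP note ("varints" to "variants") is correct, but the unchanged context line two below it still reads "may be not be easy" (doubled "be"), which belongs in the same copy-edit pass; as this is the generated HTML deployed by the workflow, both corrections should live in the cheat sheet's source document so that the next deploy does not regress them.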
2 changes: 1 addition & 1 deletion search/search_index.json

Large diffs are not rendered by default.


0 comments on commit 852edbf
