Update: Cross Site Scripting Prevention Cheat Sheet #1212

Open
zer0uno opened this issue Oct 4, 2023 · 4 comments
Labels
ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. UPDATE_CS Issue about the update/refactoring of a existing cheat sheet.

Comments

@zer0uno

zer0uno commented Oct 4, 2023

What is missing or needs to be updated?

Under the section "XSS Prevention Rules Summary", the table within refers to rule #1, rule #2, rule #4 and rule #5. Aside from the fact that rule #3 is missing, which rules do they refer to?

How should this be resolved?

A better explanation of what these rules are should be given.

@zer0uno zer0uno added ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. UPDATE_CS Issue about the update/refactoring of a existing cheat sheet. labels Oct 4, 2023
@kwwall
Collaborator

kwwall commented Oct 4, 2023

Is it possible that these references to the rules you pointed out are a carryover from the rules that were last mentioned under the section "XSS Prevention Rules" in https://github.com/OWASP/CheatSheetSeries/blob/dace50491da52f2382965ce3f25cad3c217dede2/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.md, after which this cheat sheet underwent some major revisions?

@mackowski
Collaborator

@zer0uno they are referring to rules under XSS Prevention Rules. I do not understand the problem here.

@zer0uno
Author

zer0uno commented Oct 17, 2023

@mackowski On this page there is no section titled "XSS Prevention Rules", but "XSS Prevention Rules Summary", which is the section I mentioned that points to numbered rules for which I can find no match within the page.

@mackowski
Collaborator

Oh yes, we should remove those numbers, right, and maybe add links to relevant parts of the cheatsheet.

@mackowski mackowski self-assigned this Nov 24, 2023
@mackowski mackowski added ACK_OBTAINED Issue acknowledged from core team so work can be done to fix it. and removed ACK_WAITING Issue waiting acknowledgement from core team before to start the work to fix it. HELP_WANTED Issue for which help is wanted to do the job. labels Nov 24, 2023