Fix typo in polyfill.io script detection alert description

Signed-off-by: ricekot <github@ricekot.com>
zaproxy · Jul 1, 2024 · 404abab · 404abab
1 parent c229767
commit 404abab
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 2 deletions.
diff --git a/addOns/pscanrulesBeta/CHANGELOG.md b/addOns/pscanrulesBeta/CHANGELOG.md
@@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
 
 ## Unreleased
-
+### Fixed
+- Typo in Polyfill.io script detection alert description.
 
 ## [39] - 2024-06-28
 ### Added

diff --git a/...src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties b/...src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties
@@ -35,7 +35,7 @@ pscanbeta.permissionspolicymissing.name = Permissions Policy Header Not Set
 pscanbeta.permissionspolicymissing.refs = https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy\nhttps://developer.chrome.com/blog/feature-policy/\nhttps://scotthelme.co.uk/a-new-security-header-feature-policy/\nhttps://w3c.github.io/webappsec-feature-policy/\nhttps://www.smashingmagazine.com/2018/12/feature-policy/
 pscanbeta.permissionspolicymissing.soln = Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header.
 
-pscanbeta.polyfillcdnscript.desc1 = The page includes one or more script files loaded from one of the 'polyfill' domains.\nThese is not associated with the polyfill.js library and are known to serve malicious content.
+pscanbeta.polyfillcdnscript.desc1 = The page includes one or more script files loaded from one of the 'polyfill' domains.\nThese are not associated with the polyfill.js library and are known to serve malicious content.
 pscanbeta.polyfillcdnscript.desc2 = The page includes one or more script which appear to include a reference to one of the 'polyfill' domains.\nThese are not associated with the polyfill.js library and are known to serve malicious content.\nYou should check to see if it is a safe reference (for example in a comment) or whether the script is loading content from that domain.
 pscanbeta.polyfillcdnscript.name = Script Served From Malicious Domain (polyfill)
 pscanbeta.polyfillcdnscript.refs = https://sansec.io/research/polyfill-supply-chain-attack\nhttps://x.com/triblondon/status/1761852117579427975