From 404ababca9ca71926f3d95d1344b64146dc12b16 Mon Sep 17 00:00:00 2001 From: ricekot Date: Mon, 1 Jul 2024 16:52:00 +0530 Subject: [PATCH] Fix typo in polyfill.io script detection alert description Signed-off-by: ricekot --- addOns/pscanrulesBeta/CHANGELOG.md | 3 ++- .../zap/extension/pscanrulesBeta/resources/Messages.properties | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/addOns/pscanrulesBeta/CHANGELOG.md b/addOns/pscanrulesBeta/CHANGELOG.md index 3e2b5a11df1..7e3568b791e 100644 --- a/addOns/pscanrulesBeta/CHANGELOG.md +++ b/addOns/pscanrulesBeta/CHANGELOG.md @@ -4,7 +4,8 @@ All notable changes to this add-on will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/). ## Unreleased - +### Fixed +- Typo in Polyfill.io script detection alert description. ## [39] - 2024-06-28 ### Added diff --git a/addOns/pscanrulesBeta/src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties b/addOns/pscanrulesBeta/src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties index c9a5576878c..8e56100d96f 100644 --- a/addOns/pscanrulesBeta/src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties +++ b/addOns/pscanrulesBeta/src/main/resources/org/zaproxy/zap/extension/pscanrulesBeta/resources/Messages.properties @@ -35,7 +35,7 @@ pscanbeta.permissionspolicymissing.name = Permissions Policy Header Not Set pscanbeta.permissionspolicymissing.refs = https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Permissions-Policy\nhttps://developer.chrome.com/blog/feature-policy/\nhttps://scotthelme.co.uk/a-new-security-header-feature-policy/\nhttps://w3c.github.io/webappsec-feature-policy/\nhttps://www.smashingmagazine.com/2018/12/feature-policy/ pscanbeta.permissionspolicymissing.soln = Ensure that your web server, application server, load balancer, etc. is configured to set the Permissions-Policy header. -pscanbeta.polyfillcdnscript.desc1 = The page includes one or more script files loaded from one of the 'polyfill' domains.\nThese is not associated with the polyfill.js library and are known to serve malicious content. +pscanbeta.polyfillcdnscript.desc1 = The page includes one or more script files loaded from one of the 'polyfill' domains.\nThese are not associated with the polyfill.js library and are known to serve malicious content. pscanbeta.polyfillcdnscript.desc2 = The page includes one or more script which appear to include a reference to one of the 'polyfill' domains.\nThese are not associated with the polyfill.js library and are known to serve malicious content.\nYou should check to see if it is a safe reference (for example in a comment) or whether the script is loading content from that domain. pscanbeta.polyfillcdnscript.name = Script Served From Malicious Domain (polyfill) pscanbeta.polyfillcdnscript.refs = https://sansec.io/research/polyfill-supply-chain-attack\nhttps://x.com/triblondon/status/1761852117579427975