Deploy the generated website via GitHub Actions

OWASP · Sep 9, 2024 · edce0ed · edce0ed
1 parent e90582b
commit edce0ed
Show file tree

Hide file tree

Showing 8 changed files with 143 additions and 143 deletions.
diff --git a/Glossary.html b/Glossary.html
diff --git a/News.xml b/News.xml
diff --git a/README.md b/README.md
@@ -1 +1 @@
-Website last update: 2024-09-03 at 07:54:13.
+Website last update: 2024-09-09 at 14:11:36.
diff --git a/bundle.zip b/bundle.zip
diff --git a/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html b/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
@@ -2921,7 +2921,7 @@ <h2 id="safe-sinks">Safe Sinks<a class="headerlink" href="#safe-sinks" title="Pe
 <span class="nx">elem</span><span class="p">.</span><span class="nx">innerHTML</span><span class="w"> </span><span class="o">=</span><span class="w"> </span><span class="nx">DOMPurify</span><span class="p">.</span><span class="nx">sanitize</span><span class="p">(</span><span class="nx">dangerVar</span><span class="p">);</span>
 </code></pre></div>
 <p><strong>Safe HTML Attributes include:</strong> <code>align</code>, <code>alink</code>, <code>alt</code>, <code>bgcolor</code>, <code>border</code>, <code>cellpadding</code>, <code>cellspacing</code>, <code>class</code>, <code>color</code>, <code>cols</code>, <code>colspan</code>, <code>coords</code>, <code>dir</code>, <code>face</code>, <code>height</code>, <code>hspace</code>, <code>ismap</code>, <code>lang</code>, <code>marginheight</code>, <code>marginwidth</code>, <code>multiple</code>, <code>nohref</code>, <code>noresize</code>, <code>noshade</code>, <code>nowrap</code>, <code>ref</code>, <code>rel</code>, <code>rev</code>, <code>rows</code>, <code>rowspan</code>, <code>scrolling</code>, <code>shape</code>, <code>span</code>, <code>summary</code>, <code>tabindex</code>, <code>title</code>, <code>usemap</code>, <code>valign</code>, <code>value</code>, <code>vlink</code>, <code>vspace</code>, <code>width</code>.</p>
-<p>For a comprehensive list, check out the <a href="https://github.com/cure53/DOMPurify/blob/main/src/attrs.js">DOMPurify allowlist</a></p>
+<p>For attributes not reported above, ensure that if JavaScript code is provided as a value, it cannot be executed.</p>
 <h2 id="other-controls">Other Controls<a class="headerlink" href="#other-controls" title="Permanent link">&para;</a></h2>
 <p>Framework Security Protections, Output Encoding, and HTML Sanitization will provide the best protection for your application. OWASP recommends these in all circumstances.</p>
 <p>Consider adopting the following controls in addition to the above.</p>

diff --git a/search/search_index.json b/search/search_index.json
diff --git a/sitemap.xml b/sitemap.xml
diff --git a/sitemap.xml.gz b/sitemap.xml.gz