dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #668 from afcidk/fix-typo

Browse Source 
thanks for the fix
This commit is contained in:
René Zubcevic 2019-09-27 15:05:59 +02:00 committed by GitHub
commit 45c7949118
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_intro.adoc
View File

@ -19,7 +19,7 @@ An entity must be created in the Document Type Definition (DTD), let's start wit
<author>&js;</author> <author>&js;</author>
---- ----
So everywhere you use the entity ``&js;` the parser will replace it with the value defined in the entity. So everywhere you use the entity `&js;` the parser will replace it with the value defined in the entity.
=== What is an XXE injection? === What is an XXE injection?
@ -38,4 +38,4 @@ In general we can distinguish the following kind of XXE attacks:
* Classic: in this case an external entity is included in a local DTD * Classic: in this case an external entity is included in a local DTD
* Blind: no output and or errors are shown in the response * Blind: no output and or errors are shown in the response
* Error: try to get the content of a resource in the error message * Error: try to get the content of a resource in the error message