dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix typo in XXE lesson

Browse Source
This commit is contained in:
Pei Hsuan Hung 2019-09-25 00:37:36 +08:00
parent 686d8b0c85
commit 9b906a2a29
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_intro.adoc
View File

@ -19,7 +19,7 @@ An entity must be created in the Document Type Definition (DTD), let's start wit
<author>&js;</author> <author>&js;</author>
---- ----
So everywhere you use the entity ``&js;` the parser will replace it with the value defined in the entity. So everywhere you use the entity `&js;` the parser will replace it with the value defined in the entity.
=== What is an XXE injection? === What is an XXE injection?
@ -38,4 +38,4 @@ In general we can distinguish the following kind of XXE attacks:
* Classic: in this case an external entity is included in a local DTD * Classic: in this case an external entity is included in a local DTD
* Blind: no output and or errors are shown in the response * Blind: no output and or errors are shown in the response
* Error: try to get the content of a resource in the error message * Error: try to get the content of a resource in the error message