gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #13347 from atjonathan/fix/typos

Browse Source 
Minor grammar and typo fixes
This commit is contained in:
Eric Leung
2017-02-15 06:21:55 -08:00
committed by GitHub
parent 201bb49c89 5fbd55aa96
commit 930ef4a315
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
challenges/06-information-security-and-quality-assurance/information-security-with-helmetjs.json
View File

@ -69,7 +69,7 @@
"id": "587d8247367417b2b2512c39",
"title": "Mitigate the risk of Cross Site Scripting (XSS) Attacks - helmet.xssFilter()",
"description": [
"Cross-site scripting (XSS) is a frequent type of attack where malicious script are injected into vulnerable pages, on the purpose of stealing sensitive data like session cookies, or passwords.",
"Cross-site scripting (XSS) is a frequent type of attack where malicious scripts are injected into vulnerable pages, with the purpose of stealing sensitive data like session cookies, or passwords.",
"The basic rule to lower the risk of an XSS attack is simple: “Never trust users input”. As a developer you should always sanitize all the input coming from the outside. This includes data coming from forms, GET query urls, and even from POST bodies. Sanitizing means that you should find and encode the characters that may be dangerous e.g. <, >.",
"Modern browsers can help mitigating the risk by adopting better software strategies. Often these are configurable via http headers.",
"The X-XSS-Protection HTTP header is a basic protection. The browser detects a potential injected script using a heuristic filter. If the header is enabled, the browser changes the script code, neutralizing it.",
@ -174,7 +174,7 @@
"id": "587d8249367417b2b2512c3e",
"title": "Disable Client-Side Caching - helmet.noCache()",
"description": [
"If you are releasing an update for your website, and you want the users to always download the newer version, you can (try to) disable caching on clients browser. It can be useful in development too. Caching has performance benefits, and you will lose them, use this option only when there is a real need."
"If you are releasing an update for your website, and you want the users to always download the newer version, you can (try to) disable caching on clients browser. It can be useful in development too. Caching has performance benefits, which you will lose, so only use this option when there is a real need."
],
"challengeSeed": [],
"tests": [