Skip to content

Commit

Permalink
fix: small typo (#154)
Browse files Browse the repository at this point in the history
  • Loading branch information
@bliutech
bliutech authored Apr 20, 2024
1 parent 9d9c169 commit 796fe41
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion content/docs/attacks/css-injection.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ Larger text dimensions can result in the scroll bar being shown,
This scroll bar can have a custom style such as `background: url()` so that it makes a request to an attacker-controlled server when shown. [^3]

## Defense
- Put attacker controled content in its own document this can be done using a iframe with the srcdoc attrbute.
- Put attacker controled content in its own document this can be done using a iframe with the srcdoc attribute.
Optionaly include the sandbox attbute to isolate the content into its own origin.
- Use a CSS inliner so global styles get converted.

Expand Down

0 comments on commit 796fe41

Please sign in to comment.