Skip to content

Commit cb6fc5d

Browse files
jsorefkingthorin
authored andcommitted
spelling
* against * aggregated * decimal * delimiters * detected * encoding * expires * multiple * programmatically * relevant * reports * response * responseHas * servlet * should * state * threshold * tighter * unknown * unused * value * verify * without Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
1 parent 34e66d2 commit cb6fc5d

22 files changed

Lines changed: 34 additions & 31 deletions

File tree

addOns/pscanrules/CHANGELOG.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -154,7 +154,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
154154
## [32] - 2021-01-20
155155
### Changed
156156
- The Suspicious Comments scan rule will include the offending line as evidence.
157-
- The Suspicious Comments scan rule will raise one alert per finding, instead of one aggeregated alert per HTTP message.
157+
- The Suspicious Comments scan rule will raise one alert per finding, instead of one aggregated alert per HTTP message.
158158

159159
## [31] - 2020-12-15
160160
### Changed

addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/CharsetMismatchScanRule.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -193,7 +193,7 @@ public void scanHttpResponseReceive(HttpMessage msg, int id, Source source) {
193193
}
194194
} else if (isResponseXML(msg, source)) { // Check XML response charset
195195
// We're interested in the 'encoding' attribute defined in the XML
196-
// declaration tag (<?xml enconding=".."?>
196+
// declaration tag (<?xml encoding=".."?>
197197
//
198198
// TODO: could there be more than one XML declaration tag for a single XML file?
199199
List<StartTag> xmlDeclarationTags =
@@ -257,7 +257,7 @@ private void raiseAlert(
257257
+ " "
258258
+ getVariant(
259259
currentMismatch)) // Compound name (to account for variant
260-
// designations, and muitiple alerts on single URI)
260+
// designations, and multiple alerts on single URI)
261261
.setRisk(getRisk())
262262
.setConfidence(Alert.CONFIDENCE_LOW)
263263
.setDescription(getDescription())

addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/CookieLooselyScopedScanRule.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -83,7 +83,7 @@ public void scanHttpResponseReceive(HttpMessage msg, int id, Source source) {
8383

8484
/*
8585
* Determines whether the specified cookie is loosely scoped by
86-
* checking it's Domain attribute value agains the host
86+
* checking it's Domain attribute value against the host
8787
*/
8888
private boolean isLooselyScopedCookie(HttpCookie cookie, String host) {
8989
// preconditions

addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/InsecureAuthenticationScanRule.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -56,7 +56,7 @@ public class InsecureAuthenticationScanRule extends PluginPassiveScanner {
5656
public void scanHttpRequestSend(HttpMessage msg, int id) {
5757

5858
String uri = null, method = null;
59-
String extraInfo = null; // valeu depends on which method is being used.
59+
String extraInfo = null; // value depends on which method is being used.
6060
String digestInfo = null;
6161

6262
if (msg.getRequestHeader().isSecure()) {

addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/UserControlledHTMLAttributesScanRule.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -167,7 +167,7 @@ private void checkHtmlAttribute(
167167
// Special handling of meta tag.
168168
// If I were just looking to see if the meta tag 'contains' the user input,
169169
// we'd wind up with lots of false positives.
170-
// To avoid this, I parse the meta tag values based on a set of delimeters,
170+
// To avoid this, I parse the meta tag values based on a set of delimiters,
171171
// such as ; = and ,. This is similar to what the Cookie poisoning
172172
// check does.
173173
if (htmlElement.getName().equalsIgnoreCase(HTMLElementName.META)

addOns/pscanrules/src/main/java/org/zaproxy/zap/extension/pscanrules/ViewstateScanRule.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -286,7 +286,7 @@ private static enum ViewstateAnalyzerPattern {
286286
// serialized objects which also trigger this filter
287287
// Example: Microsoft.SharePoint.WebControls.SPControlMode, Microsoft.SharePoint,
288288
// Version=12.0.0.0, Culture=neutral,
289-
// TODO: maybe replace this regex by a tigher rule, avoiding detecting 999.999.999.999
289+
// TODO: maybe replace this regex by a tighter rule, avoiding detecting 999.999.999.999
290290
IPADDRESS(
291291
Pattern.compile("\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}"),
292292
Constant.messages.getString(MESSAGE_PREFIX + "content.ip.name"),

addOns/pscanrules/src/main/javahelp/org/zaproxy/zap/extension/pscanrules/resources/help/contents/pscanrules.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -273,7 +273,7 @@ <H2>Open Redirect</H2>
273273
<H2>PII Disclosure</H2>
274274
PII is information like credit card number, SSN etc. This check currently reports only numbers which match credit card numbers and pass Luhn checksum, which gives high confidence, that this is a credit card number (images and CSS are ignored).
275275
<br>
276-
At MEDIUM and HIGH threshold it attempts to use three characters of context on each side of potential matches to exclude matches within deicmal like content.
276+
At MEDIUM and HIGH threshold it attempts to use three characters of context on each side of potential matches to exclude matches within decimal like content.
277277
At LOW threshold, alerts will be raised for such matches.
278278
<p>
279279
Note: In the case of suspected credit card values, the potential credit card numbers are looked up against a Bank Identification Number List

addOns/pscanrules/src/test/java/org/zaproxy/zap/extension/pscanrules/ContentTypeMissingScanRuleUnitTest.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ void shouldReturnExpectedMappings() {
8080
}
8181

8282
@Test
83-
void shoudNotAlertIfResponseBodyIsEmpty() throws HttpMalformedHeaderException {
83+
void shouldNotAlertIfResponseBodyIsEmpty() throws HttpMalformedHeaderException {
8484
// Given
8585
HttpMessage msg = createMessage();
8686
msg.getResponseHeader().setHeader(HttpResponseHeader.CONTENT_TYPE, "");
@@ -104,7 +104,7 @@ void shoudNotAlertIfContentTypePresentInResponse() throws HttpMalformedHeaderExc
104104
}
105105

106106
@Test
107-
void shoudAlertIfContentTypePresentButEmptyInResponse() throws HttpMalformedHeaderException {
107+
void shouldAlertIfContentTypePresentButEmptyInResponse() throws HttpMalformedHeaderException {
108108
// Given
109109
HttpMessage msg = createMessage();
110110
msg.getResponseHeader().setHeader(HttpResponseHeader.CONTENT_TYPE, "");
@@ -118,7 +118,7 @@ void shoudAlertIfContentTypePresentButEmptyInResponse() throws HttpMalformedHead
118118
}
119119

120120
@Test
121-
void shoudAlertIfContentTypeNotPresentInResponse() throws HttpMalformedHeaderException {
121+
void shouldAlertIfContentTypeNotPresentInResponse() throws HttpMalformedHeaderException {
122122
// Given
123123
HttpMessage msg = createMessage();
124124
// When

addOns/pscanrules/src/test/java/org/zaproxy/zap/extension/pscanrules/InformationDisclosureDebugErrorsScanRuleUnitTest.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -290,7 +290,7 @@ void changeDebugErrorsFile() throws HttpMalformedHeaderException {
290290
int expectedAlerts = 0;
291291
List<String> alternativeDebugErrors =
292292
Arrays.asList(
293-
"Alternative Error", "This should also be dected as debug error message");
293+
"Alternative Error", "This should also be detected as debug error message");
294294

295295
// Should raise alert with default error messages loaded
296296
HttpMessage msg =

addOns/pscanrules/src/test/java/org/zaproxy/zap/extension/pscanrules/InsecureAuthenticationScanRuleUnitTest.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -190,10 +190,10 @@ void shouldRaiseAlertIfBasicAuthenticationResponseWithNoSsl()
190190
new URI("http://www.example.com", true),
191191
HttpRequestHeader.HTTP11);
192192
msg.setRequestHeader(requestHeader);
193-
HttpResponseHeader responsHeader = new HttpResponseHeader();
194-
responsHeader.addHeader(
193+
HttpResponseHeader responseHeader = new HttpResponseHeader();
194+
responseHeader.addHeader(
195195
HttpHeader.WWW_AUTHENTICATE, AUTHORIZATION_BASIC + " realm=\"Private\"");
196-
msg.setResponseHeader(responsHeader);
196+
msg.setResponseHeader(responseHeader);
197197
// When
198198
scanHttpResponseReceive(msg);
199199
// Then

0 commit comments

Comments
 (0)