Skip to content
/ zaproxy.github.io Public

Commit 30e9890

Browse files
thc202thc202
authored
Merge pull request #1906 from zapbot/update-site-content
Update site content
2 parents dbcd080 + 3616159 commit 30e9890

File tree

20 files changed

+1778
-87
lines changed

20 files changed

+1778
-87
lines changed

alerttags/cwe-436/index.html

Lines changed: 231 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,231 @@
1+
<!doctype html>
2+
<html lang="en">
3+
4+
<head>
5+
<meta charset="utf-8">
6+
<meta name="viewport" content="width=device-width, initial-scale=1, viewport-fit=cover">
7+
<meta name="description" content="The world’s most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.">
8+
9+
<link rel="alternate" type="application/rss+xml" href="/alerttags/cwe-436/index.xml" title="ZAP" />
10+
<title>ZAP &ndash; CWE-436</title>
11+
12+
<link rel="shortcut icon" href="/img/favicon.ico" type="image/x-icon" />
13+
<link href="https://fonts.googleapis.com/css?family=Quicksand:500,700" rel="stylesheet">
14+
<link href="https://fonts.googleapis.com/css?family=Istok+Web|Open+Sans:400,700|Rubik&display=swap" rel="stylesheet">
15+
<script src="https://cdnjs.cloudflare.com/ajax/libs/lunr.js/2.3.6/lunr.min.js"></script>
16+
17+
<script async src="https://www.googletagmanager.com/gtag/js?id=G-JDLGW1172L"></script>
18+
<script>
19+
window.dataLayer = window.dataLayer || [];
20+
function gtag(){dataLayer.push(arguments);}
21+
gtag('js', new Date());
22+
gtag('config', 'G-JDLGW1172L');
23+
</script>
24+
25+
26+
27+
<link href="/main.cb156c.css" rel="stylesheet">
28+
29+
</head>
30+
<body>
31+
<div id="page-container">
32+
<div id="content-wrap">
33+
<header class="site-header">
34+
<div class="wrapper flex jc-sb ai-c">
35+
<div class="flex">
36+
<nav class="site-nav" role="navigation">
37+
<a href="/" aria-label="return to landing page" class="logo">
38+
<img src = "/img/zap-by-checkmarx.svg" height="65px" alt="ZAP By Checkmarx"/>
39+
</a>
40+
</nav>
41+
</div>
42+
<div class="nav-content flex">
43+
<nav class="site-nav" role="navigation">
44+
<div class="hamburger-icon">
45+
<svg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="0 0 24 24"><path d="M0 0h24v24H0z" fill="none"/><path d="M3 18h18v-2H3v2zm0-5h18v-2H3v2zm0-7v2h18V6H3z"/></svg>
46+
</div>
47+
<input class="hamburger-click" aria-label="site menu" type="checkbox" />
48+
<ul id="primary-menu" class="flex">
49+
50+
51+
52+
<li class="">
53+
<a href="/blog/" title="Blog page">
54+
Blog
55+
</a>
56+
</li>
57+
58+
59+
60+
<li class="">
61+
<a href="/videos/" title="Videos page">
62+
Videos
63+
</a>
64+
</li>
65+
66+
67+
68+
<li class="">
69+
<a href="/docs/" title="Documentation page">
70+
Documentation
71+
</a>
72+
</li>
73+
74+
75+
76+
<li class="">
77+
<a href="/community/" title="Community page">
78+
Community
79+
</a>
80+
</li>
81+
82+
83+
<li id="search-menu">
84+
<a class="toggler" href="#">
85+
<img height="20" width="20" src="/img/search.svg" alt="Search icon"/>
86+
</a>
87+
88+
<form data-no-csrf action="/search">
89+
<input type="text" name="q" placeholder="Search ..." style="width: 100%" />
90+
</form>
91+
</li>
92+
</ul>
93+
</nav>
94+
<div class="download-button">
95+
<a id="cta-download" href="/download/" class="button button--orange">Download</a>
96+
</div>
97+
<div class="social-links header-social">
98+
<ul class="flex ai-c no-list-style m-10 px-20">
99+
<li>
100+
<a href="https://github.com/zaproxy" aria-label="Go to ZAP's GitHub repo"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 18.88"><path d="M9.68 0a9.68 9.68 0 0 0-3.06 18.86c.48.09.64-.21.64-.46v-1.8C4.57 17.18 4 15.45 4 15.45A2.57 2.57 0 0 0 2.93 14c-.88-.6.07-.59.07-.59a2 2 0 0 1 1.48 1 2.06 2.06 0 0 0 2.82.8A2 2 0 0 1 7.91 14c-2.15-.29-4.41-1.12-4.41-4.83a3.72 3.72 0 0 1 1-2.59A3.53 3.53 0 0 1 4.59 4s.82-.26 2.67 1a9 9 0 0 1 4.84 0c1.9-1.25 2.66-1 2.66-1a3.49 3.49 0 0 1 .1 2.57 3.71 3.71 0 0 1 1 2.59c0 3.72-2.26 4.54-4.42 4.78a2.3 2.3 0 0 1 .67 1.79v2.67c0 .25.15.56.64.46A9.68 9.68 0 0 0 9.68 0z" fill="#00549e"/></svg></a>
101+
</li>
102+
<li>
103+
<a href="https://twitter.com/zaproxy" aria-label="Follow ZAP on Twitter"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 15.73"><path d="M19.36 1.86a8 8 0 0 1-2.28.63 3.94 3.94 0 0 0 1.74-2.2 7.53 7.53 0 0 1-2.52 1 4 4 0 0 0-6.77 3.59A11.29 11.29 0 0 1 1.35.73 4 4 0 0 0 2.58 6a3.91 3.91 0 0 1-1.8-.5A4 4 0 0 0 4 9.48a4 4 0 0 1-1.79.06 4 4 0 0 0 3.67 2.76A8 8 0 0 1 0 14a11.32 11.32 0 0 0 6.09 1.78A11.24 11.24 0 0 0 17.38 3.92a8.08 8.08 0 0 0 1.98-2.06z" fill="#00549e"/></svg></a>
104+
</li>
105+
</ul>
106+
</div>
107+
</div>
108+
109+
</div>
110+
</header>
111+
112+
113+
<section class="bolt-header">
114+
<div class="wrapper py-20">
115+
116+
<h1 class="text--white">Alert Tag: CWE-436</h1>
117+
118+
</div>
119+
</section>
120+
<div class="wrapper py-70">
121+
<header class="breadcrumbs">
122+
<a href="/alerttags/">Alert Tags</a> &gt;
123+
124+
<a href="/alerttags/cwe-436">CWE-436</a>
125+
126+
</header>
127+
128+
129+
130+
131+
132+
<h4><a href="https://cwe.mitre.org/data/definitions/436.html">https://cwe.mitre.org/data/definitions/436.html</a></h4>
133+
134+
All of the alerts which use this tag:
135+
136+
137+
<div class="flex latest-versions">
138+
<table data-sort-filter>
139+
<thead>
140+
<tr>
141+
<th>Tag</th>
142+
<th>Link</th>
143+
</tr>
144+
</thead>
145+
<tbody>
146+
147+
148+
<tr>
149+
<td><a href="/docs/alerts/90011-4/">Charset Mismatch</a></td>
150+
<td><a href=""></a></td>
151+
</tr>
152+
153+
154+
<tr>
155+
<td><a href="/docs/alerts/90011-2/">Charset Mismatch (Header Versus Meta Charset)</a></td>
156+
<td><a href=""></a></td>
157+
</tr>
158+
159+
160+
<tr>
161+
<td><a href="/docs/alerts/90011-1/">Charset Mismatch (Header Versus Meta Content-Type Charset)</a></td>
162+
<td><a href=""></a></td>
163+
</tr>
164+
165+
166+
<tr>
167+
<td><a href="/docs/alerts/90011-3/">Charset Mismatch (Meta Charset Versus Meta Content-Type Charset)</a></td>
168+
<td><a href=""></a></td>
169+
</tr>
170+
171+
</tbody>
172+
</table>
173+
</div>
174+
</div>
175+
176+
</div>
177+
<footer class="site-footer py-20 mt-20">
178+
<div class="wrapper flex jc-sb">
179+
<div class="flex ai-c">
180+
<div class="footer-logo"><svg xmlns="http://www.w3.org/2000/svg" width="55px" viewBox="0 0 77.58 77.61"><path d="M49.48 21.64a3.46 3.46 0 0 1 .44 3 3.38 3.38 0 0 1-2.16 2.14l-1.17.38 10.74 13.56a3.39 3.39 0 0 1-1.83 5.41l-2 .5L68 65A37.78 37.78 0 0 0 39.85 2c-1.34 0-2.66.07-4 .2zM23.33 48.26a3.4 3.4 0 0 1 .45-6.09L25 41.7l-13.81-10a3.4 3.4 0 0 1 .62-5.86l.2-.09-5.47-3.84a37.79 37.79 0 0 0 55.32 48.6z" fill="#fff"/><path d="M67.84 69.48L49 45.59a.55.55 0 0 1 .28-.87l5.55-1.36a.58.58 0 0 0 .23-.13.48.48 0 0 0 .09-.11.62.62 0 0 0 .08-.24.58.58 0 0 0 0-.26.54.54 0 0 0-.07-.13L42.29 26.37a.75.75 0 0 1-.07-.12.55.55 0 0 1 .31-.74l4.35-1.4a.54.54 0 0 0 .26-.83L30.92.22a.5.5 0 0 0-.61-.22L.32 13a.55.55 0 0 0-.1.94l16.72 11.88a.52.52 0 0 1 .22.49.45.45 0 0 1-.09.26.48.48 0 0 1-.09.11l-.13.08-3.93 1.72a.55.55 0 0 0-.29.31v.13a.59.59 0 0 0 .22.5l8.62 6.22 8.61 6.21a.55.55 0 0 1 0 .87.57.57 0 0 1-.13.08l-5.11 2a.55.55 0 0 0-.28.75.56.56 0 0 0 .21.22l42.43 24.5a.53.53 0 0 0 .64-.79z" fill="#fff"/></svg></div>
181+
<div class="footer-left">
182+
<nav class="footer-nav">
183+
<ul class="flex">
184+
185+
186+
187+
<li class="ml-10"><a href="/blog/" title="Blog page">Blog</a></li>
188+
189+
190+
191+
<li class="ml-10"><a href="/videos/" title="Videos page">Videos</a></li>
192+
193+
194+
195+
<li class="ml-10"><a href="/community/" title="Community page">Community</a></li>
196+
197+
198+
199+
<li class="ml-10"><a href="/docs/statistics/" title="Statistics page">Statistics</a></li>
200+
201+
202+
</ul>
203+
</nav>
204+
205+
</div>
206+
</div>
207+
208+
<div class="flex ai-c">
209+
<span class="OutroFooter">
210+
© Copyright 2025 the ZAP Dev Team</br>
211+
ZAP by <a href="https://checkmarx.com" aria-label="Checkmarx">Checkmarx</a>
212+
</span>
213+
<ul class="flex footer-social">
214+
<li>
215+
<a href="https://github.com/zaproxy/" aria-label="Go to ZAP's GitHub repo"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 18.88"><path d="M9.68 0a9.68 9.68 0 0 0-3.06 18.86c.48.09.64-.21.64-.46v-1.8C4.57 17.18 4 15.45 4 15.45A2.57 2.57 0 0 0 2.93 14c-.88-.6.07-.59.07-.59a2 2 0 0 1 1.48 1 2.06 2.06 0 0 0 2.82.8A2 2 0 0 1 7.91 14c-2.15-.29-4.41-1.12-4.41-4.83a3.72 3.72 0 0 1 1-2.59A3.53 3.53 0 0 1 4.59 4s.82-.26 2.67 1a9 9 0 0 1 4.84 0c1.9-1.25 2.66-1 2.66-1a3.49 3.49 0 0 1 .1 2.57 3.71 3.71 0 0 1 1 2.59c0 3.72-2.26 4.54-4.42 4.78a2.3 2.3 0 0 1 .67 1.79v2.67c0 .25.15.56.64.46A9.68 9.68 0 0 0 9.68 0z" fill="#00549e"/></svg></a>
216+
</li>
217+
<li>
218+
<a href="https://twitter.com/zaproxy" aria-label="Follow ZAP on Twitter"> <svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 19.36 15.73"><path d="M19.36 1.86a8 8 0 0 1-2.28.63 3.94 3.94 0 0 0 1.74-2.2 7.53 7.53 0 0 1-2.52 1 4 4 0 0 0-6.77 3.59A11.29 11.29 0 0 1 1.35.73 4 4 0 0 0 2.58 6a3.91 3.91 0 0 1-1.8-.5A4 4 0 0 0 4 9.48a4 4 0 0 1-1.79.06 4 4 0 0 0 3.67 2.76A8 8 0 0 1 0 14a11.32 11.32 0 0 0 6.09 1.78A11.24 11.24 0 0 0 17.38 3.92a8.08 8.08 0 0 0 1.98-2.06z" fill="#00549e"/></svg></a>
219+
</li>
220+
</ul>
221+
</div>
222+
</div>
223+
</footer>
224+
225+
226+
227+
<script src="/main.4d3af1.js"></script>
228+
229+
</div>
230+
</body>
231+
</html>

alerttags/cwe-436/index.xml

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,39 @@
1+
<?xml version="1.0" encoding="utf-8" standalone="yes"?>
2+
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
3+
<channel>
4+
<title>CWE-436 on ZAP</title>
5+
<link>/alerttags/cwe-436/</link>
6+
<description>Recent content in CWE-436 on ZAP</description>
7+
<generator>Hugo</generator>
8+
<language>en-us</language>
9+
<atom:link href="/alerttags/cwe-436/index.xml" rel="self" type="application/rss+xml" />
10+
<item>
11+
<title>Charset Mismatch</title>
12+
<link>/docs/alerts/90011-4/</link>
13+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
14+
<guid>/docs/alerts/90011-4/</guid>
15+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
16+
</item>
17+
<item>
18+
<title>Charset Mismatch (Header Versus Meta Charset)</title>
19+
<link>/docs/alerts/90011-2/</link>
20+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
21+
<guid>/docs/alerts/90011-2/</guid>
22+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
23+
</item>
24+
<item>
25+
<title>Charset Mismatch (Header Versus Meta Content-Type Charset)</title>
26+
<link>/docs/alerts/90011-1/</link>
27+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
28+
<guid>/docs/alerts/90011-1/</guid>
29+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
30+
</item>
31+
<item>
32+
<title>Charset Mismatch (Meta Charset Versus Meta Content-Type Charset)</title>
33+
<link>/docs/alerts/90011-3/</link>
34+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
35+
<guid>/docs/alerts/90011-3/</guid>
36+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
37+
</item>
38+
</channel>
39+
</rss>

alerttags/index.html

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -409,6 +409,12 @@ <h1 class="text--white">Alert Tags</h1>
409409
</tr>
410410

411411

412+
<tr>
413+
<td><a href="/alerttags/cwe-436/">CWE-436</a></td>
414+
<td><a href="https://cwe.mitre.org/data/definitions/436.html">https://cwe.mitre.org/data/definitions/436.html</a></td>
415+
</tr>
416+
417+
412418
<tr>
413419
<td><a href="/alerttags/cwe-472/">CWE-472</a></td>
414420
<td><a href="https://cwe.mitre.org/data/definitions/472.html">https://cwe.mitre.org/data/definitions/472.html</a></td>

alerttags/index.xml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -322,6 +322,13 @@
322322
<guid>/alerttags/cwe-434/</guid>
323323
<description></description>
324324
</item>
325+
<item>
326+
<title>CWE-436</title>
327+
<link>/alerttags/cwe-436/</link>
328+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
329+
<guid>/alerttags/cwe-436/</guid>
330+
<description></description>
331+
</item>
325332
<item>
326333
<title>CWE-472</title>
327334
<link>/alerttags/cwe-472/</link>

alerttags/policy_pentest/index.html

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -230,7 +230,25 @@ <h4>POLICY_PENTEST</h4>
230230

231231

232232
<tr>
233-
<td><a href="/docs/alerts/90011/">Charset Mismatch</a></td>
233+
<td><a href="/docs/alerts/90011-4/">Charset Mismatch</a></td>
234+
<td><a href=""></a></td>
235+
</tr>
236+
237+
238+
<tr>
239+
<td><a href="/docs/alerts/90011-2/">Charset Mismatch (Header Versus Meta Charset)</a></td>
240+
<td><a href=""></a></td>
241+
</tr>
242+
243+
244+
<tr>
245+
<td><a href="/docs/alerts/90011-1/">Charset Mismatch (Header Versus Meta Content-Type Charset)</a></td>
246+
<td><a href=""></a></td>
247+
</tr>
248+
249+
250+
<tr>
251+
<td><a href="/docs/alerts/90011-3/">Charset Mismatch (Meta Charset Versus Meta Content-Type Charset)</a></td>
234252
<td><a href=""></a></td>
235253
</tr>
236254

alerttags/policy_pentest/index.xml

Lines changed: 23 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -107,9 +107,30 @@
107107
</item>
108108
<item>
109109
<title>Charset Mismatch</title>
110-
<link>/docs/alerts/90011/</link>
110+
<link>/docs/alerts/90011-4/</link>
111111
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
112-
<guid>/docs/alerts/90011/</guid>
112+
<guid>/docs/alerts/90011-4/</guid>
113+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
114+
</item>
115+
<item>
116+
<title>Charset Mismatch (Header Versus Meta Charset)</title>
117+
<link>/docs/alerts/90011-2/</link>
118+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
119+
<guid>/docs/alerts/90011-2/</guid>
120+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
121+
</item>
122+
<item>
123+
<title>Charset Mismatch (Header Versus Meta Content-Type Charset)</title>
124+
<link>/docs/alerts/90011-1/</link>
125+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
126+
<guid>/docs/alerts/90011-1/</guid>
127+
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
128+
</item>
129+
<item>
130+
<title>Charset Mismatch (Meta Charset Versus Meta Content-Type Charset)</title>
131+
<link>/docs/alerts/90011-3/</link>
132+
<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
133+
<guid>/docs/alerts/90011-3/</guid>
113134
<description>&lt;p&gt;This check identifies responses where the HTTP Content-Type header declares a charset different from the charset defined by the body of the HTML or XML. When there&amp;rsquo;s a charset mismatch between the HTTP header and content body Web browsers can be forced into an undesirable content-sniffing mode to determine the content&amp;rsquo;s correct character set.&lt;/p&gt;</description>
114135
</item>
115136
<item>

alerttags/policy_qa_std/index.html

Lines changed: 19 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -170,7 +170,25 @@ <h4>POLICY_QA_STD</h4>
170170

171171

172172
<tr>
173-
<td><a href="/docs/alerts/90011/">Charset Mismatch</a></td>
173+
<td><a href="/docs/alerts/90011-4/">Charset Mismatch</a></td>
174+
<td><a href=""></a></td>
175+
</tr>
176+
177+
178+
<tr>
179+
<td><a href="/docs/alerts/90011-2/">Charset Mismatch (Header Versus Meta Charset)</a></td>
180+
<td><a href=""></a></td>
181+
</tr>
182+
183+
184+
<tr>
185+
<td><a href="/docs/alerts/90011-1/">Charset Mismatch (Header Versus Meta Content-Type Charset)</a></td>
186+
<td><a href=""></a></td>
187+
</tr>
188+
189+
190+
<tr>
191+
<td><a href="/docs/alerts/90011-3/">Charset Mismatch (Meta Charset Versus Meta Content-Type Charset)</a></td>
174192
<td><a href=""></a></td>
175193
</tr>
176194

0 commit comments

Comments
 (0)