-
Notifications
You must be signed in to change notification settings - Fork 22.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add Observatory docs to MDN #33793
Open
chrisdavidmills
wants to merge
59
commits into
mdn:main
Choose a base branch
from
chrisdavidmills:add-observatory-docs-to-mdn
base: main
Could not load branches
Branch not found: {{ refName }}
Could not load tags
Nothing to show
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
+1,041
−234
Open
Add Observatory docs to MDN #33793
Changes from 1 commit
Commits
Show all changes
59 commits
Select commit
Hold shift + click to select a range
4703db1
Restructure security landing page
chrisdavidmills c04092c
Retitle and redirect Security your site page to Practical implementat…
chrisdavidmills 5254100
Update files/en-us/web/security/index.md
chrisdavidmills c39da2b
Update files/en-us/web/security/index.md
chrisdavidmills c7a383a
initial draft of all Observatory pages
chrisdavidmills 3164d32
Merge branch 'add-observatory-docs-to-mdn' of github.com:chrisdavidmi…
chrisdavidmills 06d0b98
Update files/en-us/web/security/practical_implementation/clickjacking…
chrisdavidmills cc8a1bb
Update files/en-us/web/security/practical_implementation/clickjacking…
chrisdavidmills d7d47c7
Update files/en-us/web/security/practical_implementation/cookies/inde…
chrisdavidmills 64dd386
Update files/en-us/web/security/practical_implementation/clickjacking…
chrisdavidmills 0dc7334
Update files/en-us/web/security/practical_implementation/cookies/inde…
chrisdavidmills 883d4a5
Update files/en-us/web/security/practical_implementation/referrer_pol…
chrisdavidmills 68659ec
Update files/en-us/web/security/practical_implementation/referrer_pol…
chrisdavidmills 8c03637
Update files/en-us/web/security/practical_implementation/sri/index.md
chrisdavidmills 189313e
Update files/en-us/web/security/practical_implementation/sri/index.md
chrisdavidmills 460025c
Update files/en-us/web/security/practical_implementation/tls/index.md
chrisdavidmills ec81406
Update files/en-us/web/security/practical_implementation/cookies/inde…
chrisdavidmills 74ab66d
Update files/en-us/web/security/practical_implementation/cookies/inde…
chrisdavidmills dbeb415
Update files/en-us/web/security/practical_implementation/cors/index.md
chrisdavidmills 0d277b9
Update files/en-us/web/security/practical_implementation/cors/index.md
chrisdavidmills d01abc7
Update files/en-us/web/security/practical_implementation/csp/index.md
chrisdavidmills 63410ca
Update files/en-us/web/security/practical_implementation/csp/index.md
chrisdavidmills 612279a
Update files/en-us/web/security/practical_implementation/csp/index.md
chrisdavidmills 1d6810d
Update files/en-us/web/security/practical_implementation/csp/index.md
chrisdavidmills e24c1a2
Update files/en-us/web/security/practical_implementation/csp/index.md
chrisdavidmills 65a6c43
Update files/en-us/web/security/practical_implementation/csrf_prevent…
chrisdavidmills a307fc4
Update files/en-us/web/security/practical_implementation/csrf_prevent…
chrisdavidmills 309e549
Update files/en-us/web/security/practical_implementation/csrf_prevent…
chrisdavidmills 7755192
Update files/en-us/web/security/practical_implementation/csrf_prevent…
chrisdavidmills a9d6f30
Update files/en-us/web/security/practical_implementation/index.md
chrisdavidmills 7b437a9
Update files/en-us/web/security/practical_implementation/referrer_pol…
chrisdavidmills d7a2d24
Merge branch 'main' into add-observatory-docs-to-mdn
chrisdavidmills 5b4e224
Fix broken links
chrisdavidmills 69de9a9
tidy up links on the main practical page
chrisdavidmills 85916b3
Make sure desired documents are linked to
chrisdavidmills 536fc91
Merge branch 'main' into add-observatory-docs-to-mdn
chrisdavidmills 46e7951
Add a few details to make sure the page align with the test results
chrisdavidmills c43f8ea
Merge branch 'main' into add-observatory-docs-to-mdn
chrisdavidmills 8d68d09
fixes for dipikabh review comments
chrisdavidmills cfa0529
Update files/en-us/web/security/practical_implementation/index.md
chrisdavidmills b19f5e2
Update files/en-us/web/security/practical_implementation_guides/index.md
chrisdavidmills 8ded9c2
Update files/en-us/web/security/practical_implementation_guides/index.md
chrisdavidmills d828218
remove old version of guide landing page
chrisdavidmills 93eca1a
tweak redirects
chrisdavidmills 35c1c3b
More fixes for dipikabh review comments
chrisdavidmills 6da1616
Update files/en-us/web/security/practical_implementation_guides/index.md
chrisdavidmills 66f47fe
Fix latest round of dipika review comments, and fix some links
chrisdavidmills 74eae48
Making fixes for review comments from dipika and tibap
chrisdavidmills d7375f5
Update files/en-us/web/security/practical_implementation_guides/csrf_…
chrisdavidmills 006f2f7
Update files/en-us/web/security/practical_implementation_guides/index.md
chrisdavidmills e18b08f
Update files/en-us/web/security/practical_implementation_guides/index.md
chrisdavidmills 26e178a
Update files/en-us/web/security/practical_implementation_guides/tls/i…
chrisdavidmills 796d616
last few tweaks
chrisdavidmills 75dd4d9
Merge branch 'main' into add-observatory-docs-to-mdn
caugner 72d7c97
fix broken links
chrisdavidmills 0529929
Fixes for gene1wood review comments
chrisdavidmills 2875f75
Fixes for review comments from freddyb
chrisdavidmills 02051b8
add corp page
chrisdavidmills 2e5a8ee
Merge branch 'main' into add-observatory-docs-to-mdn
chrisdavidmills File filter
Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
last few tweaks
- Loading branch information
commit 796d6161398d8d02007e31e2c495371de9636389
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change | ||||
---|---|---|---|---|---|---|
|
@@ -14,7 +14,7 @@ page-type: guide | |||||
|
||||||
If data is sent over the web unencrypted, it can be intercepted and read by third parties, who can modify and/or steal the data — this is often known as a [manipulator-in-the-middle](/en-US/docs/Glossary/MitM) (MiTM) attack. MiTM attacks have severe consequences for the security of your system. | ||||||
|
||||||
All requests and responses should therefore be sent over HTTPS. The modern web practically enforces this — all browsers are moving towards requiring [HTTPS](/en-US/docs/Glossary/HTTPS) by default, and many web features can only be used in a [secure context](/en-US/docs/Web/Security/Secure_Contexts). | ||||||
All requests and responses should, therefore, be sent over HTTPS. The modern web practically enforces this — all browsers are moving towards requiring [HTTPS](/en-US/docs/Glossary/HTTPS) by default, and many web features can only be used in a [secure context](/en-US/docs/Web/Security/Secure_Contexts). | ||||||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
Suggested change
We need to connect the beginning of this article which talks about TLS to HTTPS (the reader won't necessarily know the relationship between these) There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. good call; added |
||||||
|
||||||
### Solution | ||||||
|
||||||
|
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To steal the data implies it's not there anymore which is not the risk. The risk is that an attacker reads private data.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This makes sense. I have updated it to the following:
"modify and/or read" seemed like the wrong way around to express these.