Closed sum-catnip closed 8 months ago
mackowski
commented
8 months ago Hey @sum-catnip looks resonable. Can you share some evidence/documentation that is explains this behaviour? Also I see the one lint check is failing
cheatsheets/XML_External_Entity_Prevention_Cheat_Sheet.md:567 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]
mackowski
commented
8 months ago Ok I now see that you documented this in https://github.com/OWASP/CheatSheetSeries/issues/1281, awesome! Please fix the lint error.
sum-catnip
commented
8 months ago Heyhey,
This is entirely undocumented behaviour as far as im aware. The only mention i could find is: https://github.com/microsoft/dotnet/issues/910 .
I can provide my sample asp.net 4.8 visualstudio solution with one website lacking the httpRuntime tag and one having it in a github repo when im home.
Im also gonna fix the md issue :)
Maybe i can dig up the code in the opensource dotnet implementation, i only found it by decompiling the .net framework.
sum-catnip
commented
8 months ago Ok I now see that you documented this in https://github.com/OWASP/CheatSheetSeries/issues/1281, awesome! Please fix the lint error.
Im still gonna make the poc repo just in case ;)
mackowski
commented
8 months ago Awesome! thank you!
sum-catnip
commented
8 months ago Md should be fine now :) Poc is in the issue
Thank you for submitting a Pull Request (PR) to the Cheat Sheet Series.
Please make sure that for your contribution:
[TEXT](URL)If your PR is related to an issue, please finish your PR text with the following line:
This PR covers issue #1281.
Thank you again for your contribution :smiley: