Adding Test Path Confusion

[cyspad]

This PR closes #1011 .

• [ ] This PR handles the issue and requires no additional PRs.
• [x] You have validated the need for this change.

What did this PR accomplish?

• Adding Test for Path Confusion

[github-actions[bot]]

The following issues were identified: document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:7 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:10:121 MD010/no-hard-tabs Hard tabs [Column: 121] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:18 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:32:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:33:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:35 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:38:110 MD034/no-bare-urls Bare URL used [Context: "https://www.example.com/my_pro..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:40:71 MD034/no-bare-urls Bare URL used [Context: "https://www.example.com/my_pro..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:44:59 MD034/no-bare-urls Bare URL used [Context: "https://www.example.com/my_pro..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:48:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:48:9 MD034/no-bare-urls Bare URL used [Context: "https://www.example.com/my_pro..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:48:82 MD034/no-bare-urls Bare URL used [Context: "https://www.example.com/my_pro..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:50:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:52:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:54 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:57:1 MD034/no-bare-urls Bare URL used [Context: "https://beaglesecurity.com/blo..."] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:59 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2] document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md:64 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]

[github-actions[bot]]

The following mistakes were identified:

/home/runner/work/wstg/wstg/document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md 33:151 ✖ Incorrect usage of the term: “regex”, use “regular expression” instead terminology

[github-actions[bot]]

The following links are broken: FILE:document/4-Web_Application_Security_Testing/04-Authentication_Testing/Testing_For_Web_Cache_Deception.md [✖] https://www.example.com/my_profile → Status: 0 [✖] https://www.example.com/my_profile/test.css → Status: 0

[github-actions[bot]]

The following mistakes were identified:

/home/runner/work/wstg/wstg/document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md 33:151 ✖ Incorrect usage of the term: “regex”, use “regular expression” instead terminology

[kingthorin]

The relevant indexes also need to be updated:

• https://github.com/OWASP/wstg/blob/master/document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/README.md
• https://github.com/OWASP/wstg/blob/master/document/README.md

[cyspad]

Could you also add a Remediation section?

i cant add any Remediation if you can please help me

[kingthorin]

These should be good enough for now:

• Refrain from classify/handling cached based on file extension or path (leverage content-type).
• Ensure the caching mechanism(s) adhere to cache-control headers specified by your application.
• Implement RFC compliant File Not Found handling and redirects.

[github-actions[bot]]

The following issues were identified: document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:55:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:56:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:57:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:59 MD012/no-multiple-blanks Multiple consecutive blank lines [Expected: 1; Actual: 2]

[github-actions[bot]]

The following issues were identified: document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:55:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:56:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1] document/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/13-Test_for_Path_Confusion.md:57:1 MD007/ul-indent Unordered list indentation [Expected: 0; Actual: 1]

[cyspad]

Dear @kingthorin Thank you for helping me

[kingthorin]

No problem, thanks for tackling that!

[cyspad]

I have a question Am I on the list of contributors now?