fix template validation action

OWASP · Apr 18, 2024 · 7eec4bf · 7eec4bf
1 parent f7f6aa2
commit 7eec4bf
Showing 1 changed file with 6 additions and 9 deletions.
diff --git a/templates/12.6.1.yaml b/templates/12.6.1.yaml
@@ -3,7 +3,7 @@ id: ASVS-4-0-3-V12-6-1
 info:
   name: ASVS 12.6.1 Check
   author: AmirHossein Raeisi
-  severity: high  
+  severity: high
   classification:
     cwe-id: CWE-918
   reference:
@@ -14,13 +14,12 @@ info:
   description: |
     Verify that the web or application server is configured with an allow list of resources or systems to which the server can send requests or load data/files from.
 
-variables: 
+variables:
   whiltelist_host: "http://google.com"
   server_file: "file:///etc/passwd"
-  restricted_path: "/admin" 
+  restricted_path: "/admin"
   restricted_path_keyword: "Welcom to Admin Panel"
 
-
 requests:
   - raw:
       - |
@@ -35,7 +34,7 @@ requests:
       - type: regex
         regex:
           - "root:[x*]:0:0:"
-  
+
   - raw:
       - |
         POST {{BaseURL}} HTTP/1.1
@@ -50,7 +49,7 @@ requests:
         Content-Type: application/json
 
         {"url":"{{whiltelist_host}}.{{interactsh-url}}"}
-        
+
       - |
         POST {{BaseURL}} HTTP/1.1
         Host: {{Hostname}}
@@ -73,7 +72,6 @@ requests:
           - "http"
           - "dns"
 
-
   - raw:
       - |
         POST {{BaseURL}} HTTP/1.1
@@ -108,10 +106,9 @@ requests:
         - '127.0x0.0x0.0x1'
         - '2130706433'
 
-
     stop-at-first-match: true
     matchers:
 
       - type: word
         words:
-          - "{{restricted_path_keyword}}"
+          - "{{restricted_path_keyword}}"