From c1c8adefc6931b70b7b2b1beefe6181c372260d8 Mon Sep 17 00:00:00 2001
From: Swissky <maxropelewski@gmail.com>
Date: Mon, 27 Feb 2017 20:04:53 +0100
Subject: [PATCH] Web cache deception update

---
 Web cache deception/README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Web cache deception/README.md b/Web cache deception/README.md
index f59b002..83faf8c 100644
--- a/Web cache deception/README.md	
+++ b/Web cache deception/README.md	
@@ -1,13 +1,15 @@
 # Web Cache Deception Attack
 
 ## Exploit
+```
 1.Browser requests http://www.example.com/home.php/non-existent.css.
 2.Server returns the content of http://www.example.com/home.php, most probably with HTTP caching headers that instruct to not cache this page.
 3.The response goes through the proxy.
 4.The proxy identifies that the file has a css extension.
 5.Under the cache directory, the proxy creates a directory named home.php, and caches the imposter "CSS" file (non-existent.css) inside.
+```
 
-Simple example
+## Methodology of the attack - example
 ```
 1. Normal browsing, visit home : https://www.example.com/myaccount/home/
 2. Open the malicious link : https://www.example.com/myaccount/home/malicious.css