Update basic-xss-prober.yaml

IMHO its better to test for text/html to report a possible XSS, there are a more content types that could cause reflect the content and dont have a XSS. like javascript, css, plaintext files, etc.
2020-12-01 22:11:07 -05:00 · 2020-12-01 22:11:07 -05:00 · 35b585fc3a
parent 18e4552cab
commit 35b585fc3a
1 changed files with 1 additions and 2 deletions
--- a/generic-detections/basic-xss-prober.yaml
+++ b/generic-detections/basic-xss-prober.yaml
@ -21,6 +21,5 @@ requests:

      - type: word
        words:
-          - "application/json"
+          - "text/html"
        part: header
-        negative: true