Skip to content

Defenses pages #42158

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 7 commits into from
Nov 29, 2025
Merged

Defenses pages #42158

merged 7 commits into from
Nov 29, 2025

Conversation

@wbamberg
Copy link
Collaborator

@wbamberg wbamberg commented Nov 28, 2025
edited
Loading

This is another bit of https://github.com/orgs/mdn/discussions/857.

It's pretty conservative: I have only moved pages under a new "Defenses" page, and not changed them at all.

In a subsequent PR, I will rewrite the TLS page, and I might try to integrate "Mixed content" and "Certificate transparency" into that page then.

@github-actions github-actions bot added Content:Security Security docs size/m [PR only] 51-500 LoC changed labels Nov 28, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025
edited
Loading

Preview URLs (9 pages)
Flaws (9)

Note! 4 documents with no flaws that don't need to be listed. 🎉

URL: /en-US/docs/Web/Security/Defenses/Mixed_content
Title: Mixed content
Flaw count: 1

  • broken_links:
    • /en-US/docs/Web/Security/Secure_Contexts is a redirect

URL: /en-US/docs/Web/Security/Defenses/Secure_Contexts
Title: Secure contexts
Flaw count: 1

  • broken_links:
    • /en-US/docs/Web/Security/Secure_Contexts/features_restricted_to_secure_contexts is a redirect

URL: /en-US/docs/Web/Security/Defenses/Secure_Contexts/features_restricted_to_secure_contexts
Title: Features restricted to secure contexts
Flaw count: 2

  • broken_links:
    • /en-US/docs/Web/Security/Secure_Contexts is a redirect
    • /en-US/docs/Web/Security/Secure_Contexts is a redirect

URL: /en-US/docs/Web/Security/Defenses/Transport_Layer_Security
Title: Transport Layer Security (TLS)
Flaw count: 4

  • broken_links:
    • /en-US/docs/Web/Security/Secure_Contexts is a redirect
  • unknown:
    • No generic content config found
    • no blog root
    • no blog root

URL: /en-US/docs/Web/Security/Defenses/User_activation
Title: User activation
Flaw count: 1

  • broken_links:
    • /en-US/docs/Web/Security/Secure_Contexts/features_restricted_to_secure_contexts is a redirect

(comment last updated: 2025-11-28 19:16:41)

@wbamberg wbamberg marked this pull request as ready for review November 28, 2025 06:07
@wbamberg wbamberg requested review from a team as code owners November 28, 2025 06:07
@wbamberg wbamberg requested review from chrisdavidmills, estelle and pepelsbey and removed request for a team, estelle and pepelsbey November 28, 2025 06:07
chrisdavidmills
chrisdavidmills approved these changes Nov 28, 2025
View reviewed changes
Copy link
Contributor

@chrisdavidmills chrisdavidmills left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wbamberg This all sounds pretty much fine to me. I just had a few grammar nits for you, plus a question about the transient/sticky activation definition. I'll approve it though, so you can get it merged after you've looked them over.

files/en-us/web/security/defenses/index.md Outdated
As a rule, there's a many to many relationship between attacks and defenses. In each of our [attacks guides](/en-US/docs/Web/Security/Attacks) we describe the specific defenses against that attack. In the defenses pages listed below, we'll provide a broader overview of what some of these defenses are and how they work.

- [Certificate transparency](/en-US/docs/Web/Security/Defenses/Mixed_content)
- : Certificate transparency provides a publicly visible log of issued {{glossary("TLS")}} certificates, making it easier to detect those which were malicious or incorrectly issued.
Copy link
Contributor

@chrisdavidmills chrisdavidmills Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do you need to repeat the feature name from the DD at the start of the DT in each case? It works in some cases, but I think it sounds a little repetitive as-is. Not a major problem...

Copy link
Collaborator Author

@wbamberg wbamberg Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yeah I agree. what do you suggest though? Just omitting the subject?

Suggested change
- : Certificate transparency provides a publicly visible log of issued {{glossary("TLS")}} certificates, making it easier to detect those which were malicious or incorrectly issued.
- : Provides a publicly visible log of issued {{glossary("TLS")}} certificates, making it easier to detect those which were malicious or incorrectly issued.

?

Copy link
Collaborator Author

@wbamberg wbamberg Nov 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed in 79287c8.

@wbamberg wbamberg merged commit 3907089 into mdn:main Nov 29, 2025
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chrisdavidmills chrisdavidmills chrisdavidmills approved these changes

Assignees

No one assigned

Labels

Content:Security Security docs size/m [PR only] 51-500 LoC changed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wbamberg @chrisdavidmills