Merge pull request #2699 from OWASP/webapp-english

sydseter · web-flow · commit ec7265bd586f · 2026-03-20T13:27:04.000+01:00
Check webapp-cards-3.0-en.yaml for spelling errors
diff --git a/source/webapp-cards-3.0-en.yaml b/source/webapp-cards-3.0-en.yaml
@@ -68,7 +68,7 @@ suits:
     id: "VEK"
     value: "K"
     url: "https://cornucopia.owasp.org/cards/VEK"
-    desc: "Gabe can inject data into an server-side interpreter (e.g. SQL, OS commands, Xpath, Server JavaScript, SMTP) because a strongly typed parameterised interface is not being used, not implemented correctly, or properly configured"
+    desc: "Gabe can inject data into a server-side interpreter (e.g. SQL, OS commands, Xpath, Server JavaScript, SMTP) because a strongly typed parameterised interface is not being used, not implemented correctly, or properly configured"
   -
     id: "VEA"
     value: "A"
@@ -118,7 +118,7 @@ suits:
     id: "AT9"
     value: "9"
     url: "https://cornucopia.owasp.org/cards/AT9"
-    desc: "Claudia can undertake more critical functions because authentication requirements are inconsistent, too weak (e.g. do not use passkeys or other strong authentication such as a recomended MFA method), or there is no requirement to re-authenticate for these"
+    desc: "Claudia can undertake more critical functions because authentication requirements are inconsistent, too weak (e.g. do not use passkeys or other strong authentication such as a recommended MFA method), or there is no requirement to re-authenticate for these"
   -
     id: "ATX"
     value: "10"
@@ -522,7 +522,7 @@ paragraphs:
     text: "EoP is a great concept and game strategy, and was published under a Creative Commons Attribution License."
   -
     id: "T00250"
-    text: "Cornucopia Website App Edition is based the concepts and game ideas in EoP, but those have been modified to be more relevant to the types of issues webapp website developers encounter."
+    text: "Cornucopia Website App Edition is based on the concepts and game ideas in EoP, but those have been modified to be more relevant to the types of issues webapp website developers encounter."
   -
     id: "T00260"
     text: "It attempts to introduce threat-modelling ideas into development teams that use Agile methodologies, or are more focused on web application weaknesses than other types of software vulnerabilities, or are not familiar with STRIDE and DREAD."
@@ -615,7 +615,7 @@ paragraphs:
     text: "Printing and cutting up can take an hour or so, and using a faster printer helps."
   -
     id: "T00810"
-    text: "Try to print add higher quality to increase legibility."
+    text: "Try to print at a higher quality to increase legibility."
   -
     id: "T00820"
     text: "An optional card back design (in OWASP® tartan) has been provided as the last page of this document."
@@ -1014,7 +1014,7 @@ paragraphs:
     text: "No name was used more than once, and where people had provided two personal names, I dropped one part to try to ensure no-one can be easily identified. "
   -
     id: "T02730"
-    text: "Names were not deliberately allocated to any particular attack, defence or requirement. The cultural and gender mix simply reflects theses sources of names, and is not meant to be world-representative."
+    text: "Names were not deliberately allocated to any particular attack, defence or requirement. The cultural and gender mix simply reflects these sources of names, and is not meant to be world-representative."
   -
     id: "T02740"
     text: "In v1.20, the name on VE-10 changed to reflect the project's new co-leader - this card is also the only one with two names in the attack."
@@ -1323,7 +1323,7 @@ paragraphs:
     text: "3.0"
   -
     id: "T03775"
-    text: "STRIDE categories have been added to each cards"
+    text: "STRIDE categories have been added to each card"
   -
     id: "T03800"
     text: "Project contributors"

Original file line number	Diff line number	Diff line change
`@@ -68,7 +68,7 @@ suits:`
`68`	`68`	`id: "VEK"`
`69`	`69`	`value: "K"`
`70`	`70`	`url: "https://cornucopia.owasp.org/cards/VEK"`
`71`		`- desc: "Gabe can inject data into an server-side interpreter (e.g. SQL, OS commands, Xpath, Server JavaScript, SMTP) because a strongly typed parameterised interface is not being used, not implemented correctly, or properly configured"`
	`71`	`+ desc: "Gabe can inject data into a server-side interpreter (e.g. SQL, OS commands, Xpath, Server JavaScript, SMTP) because a strongly typed parameterised interface is not being used, not implemented correctly, or properly configured"`
`72`	`72`	`-`
`73`	`73`	`id: "VEA"`
`74`	`74`	`value: "A"`
`@@ -118,7 +118,7 @@ suits:`
`118`	`118`	`id: "AT9"`
`119`	`119`	`value: "9"`
`120`	`120`	`url: "https://cornucopia.owasp.org/cards/AT9"`
`121`		`- desc: "Claudia can undertake more critical functions because authentication requirements are inconsistent, too weak (e.g. do not use passkeys or other strong authentication such as a recomended MFA method), or there is no requirement to re-authenticate for these"`
	`121`	`+ desc: "Claudia can undertake more critical functions because authentication requirements are inconsistent, too weak (e.g. do not use passkeys or other strong authentication such as a recommended MFA method), or there is no requirement to re-authenticate for these"`
`122`	`122`	`-`
`123`	`123`	`id: "ATX"`
`124`	`124`	`value: "10"`
`@@ -522,7 +522,7 @@ paragraphs:`
`522`	`522`	`text: "EoP is a great concept and game strategy, and was published under a Creative Commons Attribution License."`
`523`	`523`	`-`
`524`	`524`	`id: "T00250"`
`525`		`- text: "Cornucopia Website App Edition is based the concepts and game ideas in EoP, but those have been modified to be more relevant to the types of issues webapp website developers encounter."`
	`525`	`+ text: "Cornucopia Website App Edition is based on the concepts and game ideas in EoP, but those have been modified to be more relevant to the types of issues webapp website developers encounter."`
`526`	`526`	`-`
`527`	`527`	`id: "T00260"`
`528`	`528`	`text: "It attempts to introduce threat-modelling ideas into development teams that use Agile methodologies, or are more focused on web application weaknesses than other types of software vulnerabilities, or are not familiar with STRIDE and DREAD."`
`@@ -615,7 +615,7 @@ paragraphs:`
`615`	`615`	`text: "Printing and cutting up can take an hour or so, and using a faster printer helps."`
`616`	`616`	`-`
`617`	`617`	`id: "T00810"`
`618`		`- text: "Try to print add higher quality to increase legibility."`
	`618`	`+ text: "Try to print at a higher quality to increase legibility."`
`619`	`619`	`-`
`620`	`620`	`id: "T00820"`
`621`	`621`	`text: "An optional card back design (in OWASP® tartan) has been provided as the last page of this document."`
`@@ -1014,7 +1014,7 @@ paragraphs:`
`1014`	`1014`	`text: "No name was used more than once, and where people had provided two personal names, I dropped one part to try to ensure no-one can be easily identified. "`
`1015`	`1015`	`-`
`1016`	`1016`	`id: "T02730"`
`1017`		`- text: "Names were not deliberately allocated to any particular attack, defence or requirement. The cultural and gender mix simply reflects theses sources of names, and is not meant to be world-representative."`
	`1017`	`+ text: "Names were not deliberately allocated to any particular attack, defence or requirement. The cultural and gender mix simply reflects these sources of names, and is not meant to be world-representative."`
`1018`	`1018`	`-`
`1019`	`1019`	`id: "T02740"`
`1020`	`1020`	`text: "In v1.20, the name on VE-10 changed to reflect the project's new co-leader - this card is also the only one with two names in the attack."`
`@@ -1323,7 +1323,7 @@ paragraphs:`
`1323`	`1323`	`text: "3.0"`
`1324`	`1324`	`-`
`1325`	`1325`	`id: "T03775"`
`1326`		`- text: "STRIDE categories have been added to each cards"`
	`1326`	`+ text: "STRIDE categories have been added to each card"`
`1327`	`1327`	`-`
`1328`	`1328`	`id: "T03800"`
`1329`	`1329`	`text: "Project contributors"`