Merge branch 'docs-fix-typo-secure-coding-guidelines' into 'master'

Docs: fix typo in the secure coding guidelines document See merge request gitlab-org/gitlab!41462

Merge branch 'docs-fix-typo-secure-coding-guidelines' into 'master'
Docs: fix typo in the secure coding guidelines document See merge request gitlab-org/gitlab!41462
2bb06d7d · Ray Paik · c9c4ccd6 · 29c62366 · 2bb06d7d
Commit 2bb06d7d authored Sep 03, 2020 by Ray Paik
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

doc/development/secure_coding_guidelines.md doc/development/secure_coding_guidelines.md +1 -1

No files found.
--- a/doc/development/secure_coding_guidelines.md
+++ b/doc/development/secure_coding_guidelines.md
@@ -213,7 +213,7 @@ the mitigations for a new feature.

 #### Feature-specific Mitigations

-For situtions in which an allowlist or GitLab:HTTP cannot be used, it will be necessary to implement mitigations directly in the feature. It is best to validate the destination IP addresses themselves, not just domain names, as DNS can be controlled by the attacker. Below are a list of mitigations that should be implemented.
+For situations in which an allowlist or GitLab:HTTP cannot be used, it will be necessary to implement mitigations directly in the feature. It is best to validate the destination IP addresses themselves, not just domain names, as DNS can be controlled by the attacker. Below are a list of mitigations that should be implemented.

 **Important Note:** There are many tricks to bypass common SSRF validations. If feature-specific mitigations are necessary, they should be reviewed by the AppSec team, or a developer who has worked on SSRF mitigations previously.