
Commit f021f32

fix gender neutrality
1 parent 4104b10 commit f021f32

6 files changed

+14
-2
lines changed


Document/0x02a-Frontispiece.md

+4
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,8 @@ The OWASP MASVS and MASTG are trusted by the following platform providers and st
1414

1515
## Authors
1616

17+
<!-- markdownlint-disable search-replace -->
18+
1719
### Bernhard Mueller
1820

1921
Bernhard is a cyber security specialist with a talent for hacking systems of all kinds. During more than a decade in the industry, he has published many zero-day exploits for software such as MS SQL Server, Adobe Flash Player, IBM Director, Cisco VOIP, and ModSecurity. If you can name it, he has probably broken it at least once. BlackHat USA commended his pioneering work in mobile security with a Pwnie Award for Best Research.
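Review bot: the `<!-- markdownlint-disable search-replace -->` added at line 17 has no matching `<!-- markdownlint-enable search-replace -->` in this hunk, so the rule is suppressed from the Authors heading onward rather than only around the biographies. If the intent is to exempt just the author bios (where "he" refers to a named person such as Bernhard and is not a generic pronoun), close the exemption with an `enable` marker at the end of the Authors section.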
@@ -46,6 +48,8 @@ Jeroen is a mobile security lead responsible for quality assurance on mobile sec
4648

4749
Vikas is an experienced cyber security researcher, with expertise in mobile security. In his career he has worked to secure applications for various industries including fintech, banks and governments. He enjoys reverse engineering, especially obfuscated native code and cryptography. He holds masters in security and mobile computing, and an OSCP certification. He is always open to share his knowledge and exchange ideas.
4850

51+
<!-- markdownlint-disable search-replace -->
52+
4953
<!-- \pagebreak -->
5054

5155
## Changelog
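Review bot: the marker inserted at line 51 is a second `markdownlint-disable search-replace`; the closing marker should read `<!-- markdownlint-enable search-replace -->`, otherwise the rule is never re-enabled and the Changelog and everything after it goes unchecked. The same disable/disable pattern appears in the other files touched by this commit, so it is worth correcting once and consistently.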

Document/0x04h-Testing-Code-Quality.md

+1-1
@@ -102,7 +102,7 @@ Cross-site scripting (XSS) issues allow attackers to inject client-side scripts
102102

103103
In the context of _native apps_, XSS risks are far less prevalent for the simple reason these kinds of applications do not rely on a web browser. However, apps using WebView components, such as `WKWebView` or the deprecated `UIWebView` on iOS and `WebView` on Android, are potentially vulnerable to such attacks.
104104

105-
An older but well-known example is the [local XSS issue in the Skype app for iOS, first identified by Phil Purviance](https://superevr.com/blog/2011/xss-in-skype-for-ios "XSS in Skype for iOS"). The Skype app failed to properly encode the name of the message sender, allowing an attacker to inject malicious JavaScript to be executed when a user views the message. In his proof-of-concept, Phil showed how to exploit the issue and steal a user's address book.
105+
An older but well-known example is the [local XSS issue in the Skype app for iOS, first identified by Phil Purviance](https://superevr.com/blog/2011/xss-in-skype-for-ios "XSS in Skype for iOS"). The Skype app failed to properly encode the name of the message sender, allowing an attacker to inject malicious JavaScript to be executed when a user views the message. In this proof-of-concept, Phil showed how to exploit the issue and steal a user's address book.
106106

107107
### Static Analysis - Security Testing Considerations
108108
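Review bot: "his" in the removed line refers to Phil Purviance, a named researcher, not to a generic user, so it is not the gendered default the lint rule is meant to catch. "In this proof-of-concept" is acceptable, but "In the proof-of-concept" avoids the slightly ambiguous demonstrative; alternatively the sentence could be exempted with a `markdownlint-disable`/`markdownlint-enable` pair, as this commit does for the author biographies.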

Document/index.md

+2
@@ -19,13 +19,15 @@ The **OWASP Mobile Application Security Testing Guide (MASTG)** is a comprehensi
1919

2020
Start exploring the MASTG:
2121

22+
<!-- markdownlint-disable search-replace -->
2223
<a href="/MASTG/tests/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:octicons-codescan-checkmark-24: Tests (v1)</a>
2324
<a href="/MASTG/tests-beta/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:octicons-codescan-checkmark-24: Tests (v2 Beta)</a>
2425
<a href="/MASTG/techniques/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:material-magic-staff: Techniques</a>
2526
<a href="/MASTG/demos/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:material-flask-outline: Demos</a>
2627
<a href="/MASTG/tools/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:octicons-tools-24: Tools</a>
2728
<a href="/MASTG/apps/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:octicons-code-square-24: Apps</a>
2829
<a href="/MASTG/best-practices/" class="md-button md-button--primary" style="margin: 5px; min-width: 12em; text-align: center;">:material-shield-check: Best Practices (v2 Beta)</a>
30+
<!-- markdownlint-disable search-replace -->
2931

3032
<span style="color: darkgray; font-size: small"> :blue_heart:{ .pump } Support the project by purchasing the [OWASP MASTG on leanpub.com](https://leanpub.com/owasp-mastg). All funds raised through sales of this book go directly into the project budget and will be used to for technical editing and designing the book and fund production of future releases.</span>
3133
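Review bot: both markers added around the button block (lines 22 and 30) are `markdownlint-disable search-replace`; the second should be `<!-- markdownlint-enable search-replace -->`, otherwise the rule stays off for the rest of index.md, including the support paragraph below. While here, that paragraph has a typo in an unchanged context line: "will be used to for technical editing" should drop the "to".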

docs/contact.md

+4
@@ -27,6 +27,8 @@ If you'd like to contribute, take a look at our [Contributions page](contributin
2727

2828
## OWASP MAS Project Leaders
2929

30+
<!-- markdownlint-disable search-replace -->
31+
3032
## Carlos Holguera
3133

3234
<img src="../../assets/carlos.jpg" width="150px" style="border-radius: 50%; margin-left: 4em;" align="right">
@@ -53,4 +55,6 @@ Sven is an experienced web and mobile penetration tester and assessed everything
5355
[:material-email:](mailto:Sven.Schleier@owasp.org)
5456
[:material-linkedin:](https://linkedin.com/in/sven-schleier)
5557

58+
<!-- markdownlint-disable search-replace -->
59+
5660
<br>
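Review bot: the marker at line 58 repeats `markdownlint-disable search-replace` where `<!-- markdownlint-enable search-replace -->` is intended to close the exemption opened at line 30 before "## Carlos Holguera"; as written the rule stays disabled through the end of contact.md. Since the exempted text is the project leaders' biographies, where pronouns refer to named people, a disable/enable pair is the right tool; just make the closing marker an `enable`.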

docs/news/posts/2023-04-01-masvs-v2-0-0-release.md

+2
@@ -36,7 +36,9 @@ We thank everyone that has participated in the MASVS Refactoring. You can access
3636

3737
You'll notice that we have one **new author in the MASVS: Jeroen Beckers**
3838

39+
<!-- markdownlint-disable search-replace -->
3940
> Jeroen is a mobile security lead responsible for quality assurance on mobile security projects and for R&D on all things mobile. Ever since his master's thesis on Android security, Jeroen has been interested in mobile devices and their (in)security. He loves sharing his knowledge with other people, as is demonstrated by his many talks & trainings at colleges, universities, clients and conferences.
41+
<!-- markdownlint-disable search-replace -->
4042
4143
💙 Special thanks to our [MAS Advocate](https://mas.owasp.org/MASTG/Intro/0x02c-Acknowledgements/#mas-advocates), [NowSecure](https://www.nowsecure.com/), who has once again demonstrated their commitment to the project by continuously supporting it with time/dedicated resources as well as feedback, data and content contributions.
4244
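Review bot: the two markers wrapping the quoted Jeroen biography (lines 39 and 41) are both `markdownlint-disable search-replace`; change the second to `<!-- markdownlint-enable search-replace -->` so the exemption covers only the blockquote and the remainder of the post is still linted.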

tests/android/MASVS-CODE/MASTG-TEST-0026.md

+1-1
@@ -32,7 +32,7 @@ The app uses `startActivityForResult` instead of `startActivity`, indicating tha
3232

3333
In this example we're going to see how an attacker can read arbitrary files from within the app's internal storage `/data/data/<appname>` due to the improper validation of the return value of the intent.
3434

35-
The `performAction` method in the following example reads the implicit intents return value, which can be an attacker provided URI and hands it to `getFileItemFromUri`. This method copies the file to a temp folder, which is usual if this file is displayed internally. But if the app stores the URI provided file in an external temp directory e.g by calling `getExternalCacheDir` or `getExternalFilesDir` an attacker can read this file if he sets the permission `android.permission.READ_EXTERNAL_STORAGE`.
35+
The `performAction` method in the following example reads the implicit intents return value, which can be an attacker provided URI and hands it to `getFileItemFromUri`. This method copies the file to a temp folder, which is usual if this file is displayed internally. But if the app stores the URI provided file in an external temp directory e.g by calling `getExternalCacheDir` or `getExternalFilesDir` an attacker can read this file after setting the permission `android.permission.READ_EXTERNAL_STORAGE`.
3636

3737
```java
3838
private void performAction(Action action){
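Review bot: the rewording to "after setting the permission" is fine, but the rest of the sentence still needs cleanup that this hunk leaves untouched: "implicit intents return value" should be "implicit intent's return value", "attacker provided URI" should be hyphenated, "e.g by" should be "e.g., by", and "which is usual if this file is displayed internally" would read more clearly as "which is common when the file is displayed in-app". Consider also qualifying the claim itself: `getExternalCacheDir` and `getExternalFilesDir` return app-specific directories on external storage, and on Android 11 and later other apps cannot read those directories even with `android.permission.READ_EXTERNAL_STORAGE` granted, so the read-back described here depends on the Android version and target SDK of the victim device; one sentence stating that scope would keep the test accurate.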
