chore: update from main

mdn · Dec 18, 2024 · 6a3d7f0 · 6a3d7f0
2 parents b81734d + 0d945ca
commit 6a3d7f0
Show file tree

Hide file tree

Showing 60 changed files with 861 additions and 165 deletions.
diff --git a/files/en-us/_redirects.txt b/files/en-us/_redirects.txt
@@ -3557,9 +3557,11 @@
 /en-US/docs/Glossary/Bézier_curve	/en-US/docs/Glossary/Bezier_curve
 /en-US/docs/Glossary/CSS_property	/en-US/docs/Glossary/property/CSS
 /en-US/docs/Glossary/Cleartext	/en-US/docs/Glossary/Plaintext
+/en-US/docs/Glossary/Clickjacking	/en-US/docs/Web/Security/Attacks/Clickjacking
 /en-US/docs/Glossary/Client_hints	/en-US/docs/Web/HTTP/Client_hints
 /en-US/docs/Glossary/Condition	/en-US/docs/Glossary/Conditional
 /en-US/docs/Glossary/Content_type	/en-US/docs/Glossary/MIME_type
+/en-US/docs/Glossary/DOS_attack	/en-US/docs/Glossary/Denial_of_Service
 /en-US/docs/Glossary/DTD	/en-US/docs/Glossary/Doctype
 /en-US/docs/Glossary/Descriptor_(CSS)	/en-US/docs/Glossary/CSS_Descriptor
 /en-US/docs/Glossary/Distributed_DenialofService	/en-US/docs/Glossary/Distributed_Denial_of_Service

diff --git a/files/en-us/_wikihistory.json b/files/en-us/_wikihistory.json
@@ -1897,18 +1897,6 @@
       "ajinkya_p"
     ]
   },
-  "Glossary/DOS_attack": {
-    "modified": "2019-03-23T23:08:00.112Z",
-    "contributors": [
-      "SebastienParis",
-      "Sodan",
-      "klez",
-      "Aleksej",
-      "Andrew_Pfeiffer",
-      "pbmj5233",
-      "RufusCSharma"
-    ]
-  },
   "Glossary/DTLS": {
     "modified": "2019-12-09T06:56:39.078Z",
     "contributors": [

diff --git a/files/en-us/glossary/clickjacking/index.md b/files/en-us/glossary/clickjacking/index.md
diff --git a/files/en-us/glossary/csp/index.md b/files/en-us/glossary/csp/index.md
@@ -6,7 +6,7 @@ page-type: glossary-definition
 
 {{GlossarySidebar}}
 
-A **CSP** ([Content Security Policy](/en-US/docs/Web/HTTP/CSP)) is used to detect and mitigate certain types of website related attacks like {{Glossary("Cross-site_scripting")}}, {{Glossary("clickjacking")}} and data injections.
+A **CSP** ([Content Security Policy](/en-US/docs/Web/HTTP/CSP)) is used to detect and mitigate certain types of website related attacks like {{Glossary("Cross-site_scripting")}}, [clickjacking](/en-US/docs/Web/Security/Attacks/Clickjacking) and data injections.
 
 The implementation is based on an {{Glossary("HTTP")}} header called {{HTTPHeader("Content-Security-Policy")}}.
 

diff --git a/files/en-us/glossary/denial_of_service/index.md b/files/en-us/glossary/denial_of_service/index.md
@@ -1,11 +1,30 @@
 ---
-title: Denial of Service
+title: Denial of Service (DoS)
 slug: Glossary/Denial_of_Service
 page-type: glossary-definition
 ---
 
 {{GlossarySidebar}}
 
-**DoS** (Denial of Service) is a category of network attack that consumes available server resources, typically by flooding the server with requests. The server is then sluggish or unavailable for legitimate users.
+**Denial of Service** (DoS) is a category of network attack that consumes available {{Glossary("server")}} resources, typically by flooding the server with requests. The server is then sluggish or unavailable for legitimate users.
 
-See {{glossary("DOS attack")}} for more information.
+Computers have limited resources, for example computation power or memory. When these are exhausted, the program can freeze or crash, making it unavailable. A DoS attack consists of various techniques to exhaust these resources and make a server or a network unavailable to legitimate users, or at least make the server perform sluggishly.
+
+There are also {{Glossary("Distributed Denial of Service", "Distributed Denial of Service (DDoS)")}} attacks in which a multitude of servers are used to exhaust the computing capacity of an attacked computer.
+
+### Types of DoS attack
+
+DoS attacks are more of a category than a particular kind of attack. Here is a non-exhaustive list of DoS attack types:
+
+- bandwidth attack
+- service request flood
+- SYN flooding attack
+- ICMP flood attack
+- peer-to-peer attack
+- permanent DoS attack
+- application level flood attack
+
+## See also
+
+- [Denial-of-service attack](https://en.wikipedia.org/wiki/Denial-of-service_attack) on Wikipedia
+- [Denial of Service](https://owasp.org/www-community/attacks/Denial_of_Service) on OWASP
diff --git a/files/en-us/glossary/distributed_denial_of_service/index.md b/files/en-us/glossary/distributed_denial_of_service/index.md
@@ -1,14 +1,14 @@
 ---
-title: Distributed Denial of Service
+title: Distributed Denial of Service (DDoS)
 slug: Glossary/Distributed_Denial_of_Service
 page-type: glossary-definition
 ---
 
 {{GlossarySidebar}}
 
-A **Distributed Denial-of-Service** (DDoS) is an attack in which many compromised systems are made to attack a single target, in order to swamp server resources and block legitimate users.
+**Distributed Denial-of-Service** (DDoS) is a type of {{Glossary("Denial of Service", "DoS")}} attack in which many compromised systems are made to attack a single target, in order to swamp server resources and block legitimate users.
 
-Normally many persons, using many bots, attack high-profile Web {{glossary("server","servers")}} like banks or credit-card payment gateways. DDoS concerns computer networks and CPU resource management.
+Normally many persons, using many bots, attack high-profile Web {{Glossary("server", "servers")}} like banks or credit-card payment gateways. DDoS concerns computer networks and CPU resource management.
 
 In a typical DDoS attack, the assailant begins by exploiting a vulnerability in one computer system and making it the DDoS master. The attack master, also known as the botmaster, identifies and infects other vulnerable systems with malware. Eventually, the assailant instructs the controlled machines to launch an attack against a specified target.
 
@@ -27,4 +27,4 @@ The United States Computer Emergency Readiness Team (US-CERT) defines symptoms o
 
 ## See also
 
-- [Denial-of-service attack](https://en.wikipedia.org/wiki/Denial-of-service_attack) on Wikipedia
+- [Distributed DoS attack](https://en.wikipedia.org/wiki/Denial-of-service_attack#Distributed_DoS) on Wikipedia
diff --git a/files/en-us/glossary/dos_attack/index.md b/files/en-us/glossary/dos_attack/index.md
diff --git a/files/en-us/glossary/rate_limit/index.md b/files/en-us/glossary/rate_limit/index.md
@@ -6,7 +6,7 @@ page-type: glossary-definition
 
 {{GlossarySidebar}}
 
-In computing, especially in networking, **rate limiting** means controlling how many operations can be performed in a given amount of time, usually to avoid overloading the system and causing performance degradation. For example, a server might limit the number of requests it will accept from a single client in a given time period, which not only optimizes the server's overall performance but also mitigates attacks like {{glossary("DoS attack")}}.
+In computing, especially in networking, **rate limiting** means controlling how many operations can be performed in a given amount of time, usually to avoid overloading the system and causing performance degradation. For example, a server might limit the number of requests it will accept from a single client in a given time period, which not only optimizes the server's overall performance but also mitigates attacks like {{Glossary("Denial of Service", "DoS attack")}}.
 
 Rate limiting is typically synonymous with {{glossary("throttle", "throttling")}}, although {{glossary("debounce", "debouncing")}} is another viable strategy which provides better semantics and user experience in certain cases.
 

diff --git a/files/en-us/glossary/source_map/index.md b/files/en-us/glossary/source_map/index.md
@@ -6,15 +6,65 @@ page-type: glossary-definition
 
 {{GlossarySidebar}}
 
-A **source map** is a file that maps between minified or transformed code received by the browser and its original unmodified form, allowing the original code to be reconstructed and used when debugging.
+A **source map** is a {{Glossary("JSON")}} file format that maps between minified or transformed code received by the browser and its original unmodified form, allowing the original code to be reconstructed and used when debugging.
 
-The JavaScript code executed by the browser has often been transformed in some way from the original source created by a developer.
-For example, sources are often combined and minified to make delivering them from the server more efficient.
-Additionally, JavaScript running on a page is often machine-generated, such as compiled from a language like TypeScript.
+Code executed by the browser is often transformed in some way from the original source created by a developer. There are several reasons for this:
+
+- To make delivering code from the server more efficient by combining and minifying source files.
+- To support older browsers by transforming modern features into older equivalents.
+- To use languages that browsers don't support, like {{Glossary("TypeScript")}} or [Sass](https://sass-lang.com/).
 
 In these situations, debugging the original source is much easier than the source in the transformed state that the browser has downloaded.
+Browsers detect a source map via the {{HTTPHeader("SourceMap")}} HTTP header for a resource, or a `sourceMappingURL` annotation in the generated code.
+
+## Example
+
+For example, consider this SCSS syntax of Sass:
+
+```scss
+ul {
+  list-style: none;
+  li {
+    display: inline;
+  }
+}
+```
+
+During the build process, the SCSS is transformed into CSS.
+A source map file `index.css.map` is generated and linked to from the CSS in a comment at the end:
+
+```css
+ul {
+  list-style: none;
+}
+ul li {
+  display: inline;
+}
+
+/*# sourceMappingURL=index.css.map */
+```
+
+This map file contains not only mappings between the original SCSS and the generated CSS but also the original SCSS source code in encoded form. It's ignored by the browser's CSS parser but used by browser's DevTools:
+
+```json
+{
+  "version": 3,
+  "sourceRoot": "",
+  "sources": ["index.scss"],
+  "names": [],
+  "mappings": "AAAA;EACC;;AACA;EACC",
+  "file": "index.css"
+}
+```
+
+The source map allows the browser's DevTools to link to specific lines in the original SCSS file and display the source code:
+
+![Firefox DevTools focused on the li element in the DOM inspector. The style panel shows transformed CSS without nesting and a link to the third line of the index.scss file.](inspector.png)
+
+![Firefox DevTools with the index.scss file opened in the style editor. The editor is focused on the source code's third line in SCSS format with nesting.](style-editor.png)
 
 ## See also
 
+- [Source map format specification](https://tc39.es/ecma426/2024/)
 - HTTP {{HTTPHeader("SourceMap")}} response header
 - [Firefox Developer Tools: using a source map](https://firefox-source-docs.mozilla.org/devtools-user/debugger/how_to/use_a_source_map/index.html)
diff --git a/files/en-us/glossary/source_map/inspector.png b/files/en-us/glossary/source_map/inspector.png
diff --git a/files/en-us/glossary/source_map/style-editor.png b/files/en-us/glossary/source_map/style-editor.png
diff --git a/files/en-us/learn_web_development/core/scripting/what_is_javascript/index.md b/files/en-us/learn_web_development/core/scripting/what_is_javascript/index.md
@@ -194,7 +194,7 @@ Client-side code is code that is run on the user's computer — when a web page
 In this module we are explicitly talking about **client-side JavaScript**.
 
 Server-side code on the other hand is run on the server, then its results are downloaded and displayed in the browser.
-Examples of popular server-side web languages include PHP, Python, Ruby, ASP.NET, and even JavaScript!
+Examples of popular server-side web languages include PHP, Python, Ruby, C#, and even JavaScript!
 JavaScript can also be used as a server-side language, for example in the popular Node.js environment — you can find out more about server-side JavaScript in our [Dynamic Websites – Server-side programming](/en-US/docs/Learn_web_development/Extensions/Server-side) topic.
 
 ### Dynamic versus static code