This PR fixes issue #1300

Index.md

@@ -1,6 +1,6 @@
 # Index Alphabetical
 
-**91** cheat sheets available.
+**94** cheat sheets available.
 
 *Icons beside the cheat sheet name indicate in which language(s) code snippet(s) are provided.*
 
@@ -24,6 +24,8 @@
 
 ## B
 
+[Browser Extension Vulnerabilities Cheat Sheet](cheatsheets/Browser_Extension_Vulnerabilities_Cheat_Sheet.md)
+
 [Bean Validation Cheat Sheet](cheatsheets/Bean_Validation_Cheat_Sheet.md) ![Java](assets/Index_Java.svg) ![Xml](assets/Index_Xml.svg)
 
 ## C
@@ -120,10 +122,12 @@
 
 [Laravel Cheat Sheet](cheatsheets/Laravel_Cheat_Sheet.md) ![Html](assets/Index_Html.svg) ![Php](assets/Index_Php.svg) ![Sql](assets/Index_Sql.svg) ![Bash](assets/Index_Bash.svg)
 
-[LDAP Injection Prevention Cheat Sheet](cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.md)
+[LDAP Injection Prevention Cheat Sheet](cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.md) ![Java](assets/Index_Java.svg)
 
 [Logging Vocabulary Cheat Sheet](cheatsheets/Logging_Vocabulary_Cheat_Sheet.md)
 
+[Legacy Application Management Cheat Sheet](cheatsheets/Legacy_Application_Management_Cheat_Sheet.md)
+
 ## M
 
 [Microservices Security Cheat Sheet](cheatsheets/Microservices_Security_Cheat_Sheet.md)
@@ -190,6 +194,8 @@
 
 [Session Management Cheat Sheet](cheatsheets/Session_Management_Cheat_Sheet.md)
 
+[Software Supply Chain Security Cheat Sheet](cheatsheets/Software_Supply_Chain_Security_Cheat_Sheet.md)
+
 [Secrets Management Cheat Sheet](cheatsheets/Secrets_Management_Cheat_Sheet.md)
 
 [Symfony Cheat Sheet](cheatsheets/Symfony_Cheat_Sheet.md) ![Php](assets/Index_Php.svg) ![Bash](assets/Index_Bash.svg)
@@ -200,7 +206,7 @@
 
 [TLS Cipher String Cheat Sheet](cheatsheets/TLS_Cipher_String_Cheat_Sheet.md)
 
-[Transport Layer Security Cheat Sheet](cheatsheets/Transport_Layer_Security_Cheat_Sheet.md) ![Bash](assets/Index_Bash.svg)
+[Transport Layer Security Cheat Sheet](cheatsheets/Transport_Layer_Security_Cheat_Sheet.md)
 
 [Transport Layer Protection Cheat Sheet](cheatsheets/Transport_Layer_Protection_Cheat_Sheet.md)
 

scripts/Generate_Site_mkDocs.sh

@@ -95,57 +95,162 @@ if ! python -m mkdocs build; then
     exit 1
 fi
 
-echo "Step 6/7: Handling redirect for files that have changed"
-#Authorization_Testing_Automation.md -> Authorization_Testing_Automation_Cheat_Sheet.md
-#Injection_Prevention_Cheat_Sheet_in_Java.md -> Injection_Prevention_in_Java_Cheat_Sheet.md
-#JSON_WEB_Token_Cheat_Sheet_for_Java.md -> JSON_WEB_Token_for_Java_Cheat_Sheet.md
-#Ruby_on_Rails_Cheatsheet.md -> Ruby_on_Rails_Cheat_Sheet.md
-#Nodejs_security_cheat_sheet.html -> Nodejs_security_Cheat_Sheet.html
+echo "Step 6/7: Generate URL shortcuts for all cheat sheets"
 
-if [[ "$OSTYPE" == "darwin"* ]]; then
-    # MacOS
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/Authorization_Testing_Automation.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html"
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/Injection_Prevention_Cheat_Sheet_in_Java.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/Injection_Prevention_in_Java_Cheat_Sheet.html"
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/JSON_Web_Token_Cheat_Sheet_for_Java.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html"
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/Ruby_on_Rails_Cheatsheet.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/Ruby_on_Rails_Cheat_Sheet.html"
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/Nodejs_security_cheat_sheet.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/Nodejs_Security_Cheat_Sheet.html"
-    sed -i '' "1i\\
-        ---\\
-        redirect_from: \"/cheatsheets/Application_Logging_Vocabulary_Cheat_Sheet.html\"\\
-        ---\\
-        " "$WORK/$GENERATED_SITE/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html"
-else
-    sed -i "1i---\nredirect_from: \"/cheatsheets/Authorization_Testing_Automation.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/Authorization_Testing_Automation_Cheat_Sheet.html
-    sed -i "1i---\nredirect_from: \"/cheatsheets/Injection_Prevention_Cheat_Sheet_in_Java.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/Injection_Prevention_in_Java_Cheat_Sheet.html
-    sed -i "1i---\nredirect_from: \"/cheatsheets/JSON_Web_Token_Cheat_Sheet_for_Java.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html
-    sed -i "1i---\nredirect_from: \"/cheatsheets/Ruby_on_Rails_Cheatsheet.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/Ruby_on_Rails_Cheat_Sheet.html
-    sed -i "1i---\nredirect_from: \"/cheatsheets/Nodejs_security_cheat_sheet.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/Nodejs_Security_Cheat_Sheet.html
-    sed -i "1i---\nredirect_from: \"/cheatsheets/Application_Logging_Vocabulary_Cheat_Sheet.html\"\n---\n" $WORK/$GENERATED_SITE/cheatsheets/Logging_Vocabulary_Cheat_Sheet.html
-fi
+# Debug current location
+echo "Current directory: $(pwd)"
+echo "WORK directory: $WORK"
+
+# Function to create redirect file
+create_redirect() {
+    local shortcut=$1
+    local target=$2
+    local redirect_file="$WORK/site/${shortcut}"
+
+    echo "Creating redirect: /${shortcut} -> ${target}"
+
+    # Create the redirect HTML file
+    cat > "$redirect_file" << EOF
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="refresh" content="0; url=/${target}">
+</head>
+<body>
+    Redirecting to <a href="/${target}">${target}</a>...
+</body>
+</html>
+EOF
+
+    # Also create .html version
+    cp "$redirect_file" "${redirect_file}.html"
+
+    # Verify creation and handle errors properly
+    if [ -f "$redirect_file" ] && [ -f "${redirect_file}.html" ]; then
+        echo "✅ Created shortcuts:"
+        echo "  - /${shortcut}"
+        echo "  - /${shortcut}.html"
+    else
+        echo "❌ Failed to create shortcuts for ${shortcut}"
+        return 1
+    fi
+}
+
+# Track used shortcuts to prevent duplicates
+declare -A used_shortcuts
+
+# Process all cheat sheet files
+echo "Processing all cheat sheet files..."
+find "$WORK/site/cheatsheets" -type f -name "*_Cheat_Sheet.html" | while read -r file; do
+    filename=$(basename "$file")
+    filepath=${file#"$WORK/site/"}
+
+    #echo "Processing: $filename"
+
+    # First try to find a match in redirects.yml
+    shortcut=""
+    if [ -f "redirects.yml" ]; then
+        # Try to find a matching redirect in the YAML file
+        while IFS=': ' read -r key target || [ -n "$key" ]; do
+            # Skip comments and empty lines
+            [[ $key =~ ^#.*$ ]] && continue
+            [ -z "$key" ] && continue
+
+            # Trim whitespace
+            key=$(echo "$key" | xargs)
+            target=$(echo "$target" | xargs)
+
+            if [ "$target" = "$filepath" ]; then
+                shortcut=$key
+                break
+            fi
+        done < "redirects.yml"
+    fi
+
+    # If no shortcut found in redirects.yml, generate one
+    if [ -z "$shortcut" ]; then
+        # Generate shortcut from filename
+        shortcut=$(echo "$filename" | awk -F'_' '{for(i=1;i<=NF;i++)printf "%s", substr($i,1,1)}' | tr '[:lower:]' '[:upper:]')
+    fi
+
+    # Handle duplicate shortcuts
+    if [ "${used_shortcuts[$shortcut]}" ]; then
+        echo "⚠️ Warning: Duplicate shortcut '$shortcut' for '$filename'. Original was for '${used_shortcuts[$shortcut]}'"
+        # Append a number to make it unique
+        count=2
+        while [ "${used_shortcuts[${shortcut}${count}]}" ]; do
+            ((count++))
+        done
+        shortcut="${shortcut}${count}"
+    fi
+
+    # Record this shortcut as used
+    used_shortcuts[$shortcut]=$filepath
+
+    # Create redirect
+    create_redirect "$shortcut" "$filepath"
+done
+
+# Print all available shortcuts
+echo "Available shortcuts:"
+for shortcut in "${!used_shortcuts[@]}"; do
+    echo "- /${shortcut} -> ${used_shortcuts[$shortcut]}"
+done
 
 echo "Step 7/7 Cleanup."
 rm -rf cheatsheets
 rm -rf custom_theme
 rm mkdocs.yml
 
 echo "Generation finished to the folder: $WORK/$GENERATED_SITE"
+
+# Add redirect handling
+echo "Generating redirect pages..."
+mkdir -p $WORK/$GENERATED_SITE/redirects
+
+# Process redirects.yml and generate redirect HTML files
+#SITE_DIR="$WORK/$GENERATED_SITE"
+python3 - <<EOF
+import yaml
+import os
+
+REDIRECT_TEMPLATE = """
+<!DOCTYPE html>
+<html>
+<head>
+    <meta http-equiv="refresh" content="0;url={target_url}">
+    <script>window.location.href = "{target_url}";</script>
+</head>
+<body>
+    Redirecting to <a href="{target_url}">{target_url}</a>...
+</body>
+</html>
+"""
+
+def create_redirect_page(shortcut, target_url, output_dir):
+    # Handle relative URLs
+    if not target_url.startswith('http'):
+        target_url = f'/{target_url}'
+
+    content = REDIRECT_TEMPLATE.format(target_url=target_url)
+
+    # Create redirect file
+    with open(f'{output_dir}/{shortcut}.html', 'w') as f:
+        f.write(content)
+
+# Load redirects
+with open('../scripts/redirects.yml', 'r') as f:
+    try:
+        redirects = yaml.safe_load(f)
+    except yaml.YAMLError as e:
+        print(f"Error parsing redirects.yml: {e}")
+        exit(1)
+
+# Create redirect pages
+output_dir = '$WORK/$GENERATED_SITE'
+for shortcut, target in redirects.items():
+    create_redirect_page(shortcut, target, output_dir)
+    print(f"Created redirect: {shortcut} -> {target}")
+
+EOF
+

scripts/redirects.yml

@@ -0,0 +1,49 @@
+# Common cheatsheet shortcuts
+xss: cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
+auth: cheatsheets/Authentication_Cheat_Sheet.html
+injection: cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
+csrf: cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
+
+# Common guide shortcuts
+newdev: cheatsheets/Guide_for_New_Developers.html
+secarch: cheatsheets/Security_Architecture_Cheat_Sheet.html
+
+# Tool shortcuts
+webgoat: https://owasp.org/www-project-webgoat/
+juice: https://owasp.org/www-project-juice-shop/
+
+# Legacy redirects
+old_xss: cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html  # Maintain backwards compatibility
+
+# Direct topic shortcuts
+SSRF: cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html
+XSS: cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html
+SQLi: cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html
+JWT: cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html
+DOS: cheatsheets/Denial_of_Service_Cheat_Sheet.html
+XSRF: cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html
+Docker: cheatsheets/Docker_Security_Cheat_Sheet.html
+GraphQL: cheatsheets/GraphQL_Cheat_Sheet.html
+Kubernetes: cheatsheets/Kubernetes_Security_Cheat_Sheet.html
+LDAP: cheatsheets/LDAP_Injection_Prevention_Cheat_Sheet.html
+OAuth: cheatsheets/OAuth_2.0_Cheat_Sheet.html
+SAML: cheatsheets/SAML_Security_Cheat_Sheet.html
+TLP: cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html
+
+# Language-specific shortcuts
+Java: cheatsheets/Java_Security_Cheat_Sheet.html
+NodeJS: cheatsheets/Nodejs_Security_Cheat_Sheet.html
+PHP: cheatsheets/PHP_Security_Cheat_Sheet.html
+Python: cheatsheets/Python_Security_Cheat_Sheet.html
+Ruby: cheatsheets/Ruby_on_Rails_Cheat_Sheet.html
+DotNet: cheatsheets/DotNet_Security_Cheat_Sheet.html
+
+# Category-based shortcuts
+Mobile: cheatsheets/Mobile_Application_Security_Cheat_Sheet.html
+REST: cheatsheets/REST_Security_Cheat_Sheet.html
+Cloud: cheatsheets/Cloud_Security_Cheat_Sheet.html
+Crypto: cheatsheets/Cryptographic_Storage_Cheat_Sheet.html
+Password: cheatsheets/Password_Storage_Cheat_Sheet.html
+Session: cheatsheets/Session_Management_Cheat_Sheet.html
+
+# Add more redirects as needed