From 1b80e5ed883d330bc13c88b04ce6e31718bb80e0 Mon Sep 17 00:00:00 2001
From: wstgbot <62450690+wstgbot@users.noreply.github.com>
Date: Sun, 23 Nov 2025 13:32:23 +0000
Subject: [PATCH] Publish Latest 2025-11-23

Updates based on OWASP/wstg@c9c384d
---
 .../11-Client-side_Testing/11-Testing_Web_Messaging.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md b/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
index 44d59f9..d08b0fe 100644
--- a/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
+++ b/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
@@ -48,7 +48,7 @@ function handler(event) {
 
 ### Origin Security
 
-The origin is made up of a scheme, host name, and port. It uniquely identifies the domain sending or receiving the message, and does not include the path or the fragment part of the URL. For instance, `https://example.com` will be considered different from `https://example.com` because the schema of the former is `https`, while the latter is `http`. This also applies to web servers running in the same domain but on different ports.
+The origin is made up of a scheme, host name, and port. It uniquely identifies the domain sending or receiving the message, and does not include the path or the fragment part of the URL. For instance, `https://example.com` will be considered different from `http://example.com` because the schema of the former is `https`, while the latter is `http`. This also applies to web servers running in the same domain but on different ports.
 
 ## Test Objectives