From d56392ea431086854e1714a72ee9fd9bb6ebacbe Mon Sep 17 00:00:00 2001
From: Jakob Pachmann <156199510+v0xyc0n@users.noreply.github.com>
Date: Sun, 14 Sep 2025 07:52:02 +0200
Subject: [PATCH] edited logical typo

>...because the schema of the former is https, while the latter is http

Implies the second example is using http - I edited the text accordingly
---
 .../11-Client-side_Testing/11-Testing_Web_Messaging.md          | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md b/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
index 44d59f9..d08b0fe 100644
--- a/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
+++ b/latest/4-Web_Application_Security_Testing/11-Client-side_Testing/11-Testing_Web_Messaging.md
@@ -48,7 +48,7 @@ function handler(event) {
 
 ### Origin Security
 
-The origin is made up of a scheme, host name, and port. It uniquely identifies the domain sending or receiving the message, and does not include the path or the fragment part of the URL. For instance, `https://example.com` will be considered different from `https://example.com` because the schema of the former is `https`, while the latter is `http`. This also applies to web servers running in the same domain but on different ports.
+The origin is made up of a scheme, host name, and port. It uniquely identifies the domain sending or receiving the message, and does not include the path or the fragment part of the URL. For instance, `https://example.com` will be considered different from `http://example.com` because the schema of the former is `https`, while the latter is `http`. This also applies to web servers running in the same domain but on different ports.
 
 ## Test Objectives