From bb35cbe6b6faf75841dd7e122a78615b6f5b6208 Mon Sep 17 00:00:00 2001 From: Mehdi Date: Thu, 16 Nov 2023 13:13:51 +0330 Subject: [PATCH] Update WAF Bypass.md --- WAF Bypass.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/WAF Bypass.md b/WAF Bypass.md index 7f8e609..4325422 100644 --- a/WAF Bypass.md +++ b/WAF Bypass.md @@ -359,8 +359,8 @@ location = /admin/ { ## NodeJS ![nodejs](https://github.com/Mehdi0x90/Web_Hacking/assets/17106836/8bd4e562-49e4-426f-aa27-353e9288b9cc) -* As Nginx includes the character \xa0 as part of the pathname, the ACL rule for the /admin URI will not be triggered. Consequently, Nginx will forward the HTTP message to the backend; -* When the URI /admin\x0a is received by the Node.js server, the character \xa0 will be removed, allowing successful retrieval of the /admin endpoint. +* As Nginx includes the character `\xa0` as part of the pathname, the ACL rule for the `/admin` URI will not be triggered. Consequently, Nginx will forward the HTTP message to the backend; +* When the URI `/admin\x0a` is received by the Node.js server, the character `\xa0` will be removed, allowing successful retrieval of the `/admin` endpoint. | Nginx Version | Node.js Bypass Characters |
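Review bot: The second added bullet still writes the URI as `/admin\x0a`, while the rest of that sentence and the bullet above it name the character as `\xa0`. These are different bytes (0x0A is a line feed, 0xA0 is a non-breaking space in Latin-1), and the change only adds backticks, which makes the mismatch more visible. If the example is meant to show the byte that Nginx keeps in the pathname and Node.js removes, the URI should read `/admin\xa0`; please check it against the bypass-character table that follows this list and make both bullets agree with it. The subject "Update WAF Bypass.md" would also be more useful if it said that the change is a formatting fix to the NodeJS section.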