Script updating gh-pages from 2de689c. [ci skip]

Author: ID Bot

mbj-aaron/draft-ietf-oauth-rfc8725bis.html

@@ -1825,7 +1825,7 @@ <h3 id="name-do-not-trust-received-claim">
 could result in server-side request forgery (SSRF) attacks. Applications <span class="bcp14">SHOULD</span> protect against such
 attacks, e.g., by matching the URL to an allowlist of permitted locations
 and ensuring no cookies are sent in the GET request.<a href="#section-3.10-2" class="pilcrow">¶</a></p>
-<p id="section-3.10-3">Likewise, the authorization server <span class="bcp14">SHOULD</span> check what a hostname resolves to
+<p id="section-3.10-3">When such an allowlist is not available, the authorization server <span class="bcp14">SHOULD</span> check what a hostname resolves to
 and avoid making a request if it resolves to a loopback or local IP address.
 An example of this is when "attacker.example.com/etc/passwd" is used
 as the "jwks_uri" value and there is a DNS entry for "attacker.example.com"

mbj-aaron/draft-ietf-oauth-rfc8725bis.txt

@@ -542,12 +542,12 @@ Table of Contents
    allowlist of permitted locations and ensuring no cookies are sent in
    the GET request.
 
-   Likewise, the authorization server SHOULD check what a hostname
-   resolves to and avoid making a request if it resolves to a loopback
-   or local IP address.  An example of this is when
-   "attacker.example.com/etc/passwd" is used as the "jwks_uri" value and
-   there is a DNS entry for "attacker.example.com" that resolves to
-   "127.0.0.1" or other local IP address values.
+   When such an allowlist is not available, the authorization server
+   SHOULD check what a hostname resolves to and avoid making a request
+   if it resolves to a loopback or local IP address.  An example of this
+   is when "attacker.example.com/etc/passwd" is used as the "jwks_uri"
+   value and there is a DNS entry for "attacker.example.com" that
+   resolves to "127.0.0.1" or other local IP address values.
 
 3.11.  Use Explicit Typing