summaryrefslogtreecommitdiff
path: root/docs/topics/http
diff options
context:
space:
mode:
authorTim Graham <timograham@gmail.com>2017-11-01 10:57:59 -0400
committerTim Graham <timograham@gmail.com>2017-11-01 11:06:56 -0400
commitcd37e470962e544f60493d2a2c5f3a76c945a7e6 (patch)
treef4e7428181c2d80be3a07c78fdd34f5cc8e9f08a /docs/topics/http
parent2e6dd975a228d8a590248da38a2b6f4e74876260 (diff)
[2.0.x] Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples.
Backport of afd375fc343baa46e61036087bc43b3d096bb0ca from master
Diffstat (limited to 'docs/topics/http')
-rw-r--r--docs/topics/http/sessions.txt2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt
index 2112926cc0..ce5d8019bd 100644
--- a/docs/topics/http/sessions.txt
+++ b/docs/topics/http/sessions.txt
@@ -653,7 +653,7 @@ you'll be logged in as the attacker and might inadvertently enter your
sensitive personal data (e.g. credit card info) into the attackers account.
Another possible attack would be if ``good.example.com`` sets its
-:setting:`SESSION_COOKIE_DOMAIN` to ``".example.com"`` which would cause
+:setting:`SESSION_COOKIE_DOMAIN` to ``"example.com"`` which would cause
session cookies from that site to be sent to ``bad.example.com``.
Technical details