diff options
| author | Ian Lee <IanLee1521@gmail.com> | 2016-11-11 04:01:48 -0800 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-11-11 07:02:08 -0500 |
| commit | 25fe13d6b0898fa5365fdb41b6c8a66ef2e18199 (patch) | |
| tree | c86db9e9716cf665e6ef604c7d850abd31cf2274 /docs | |
| parent | 7fd379719a1f5ee059aeee88243af172719e5e35 (diff) | |
[1.10.x] Fixed typo in docs/ref/settings.txt.
Backport of 501c9930101060d63fb5c25c1dc0154a6c23b775 from master
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/settings.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index d908c4d9df..fc1f0a8883 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -2939,7 +2939,7 @@ session cookie. HTTPOnly_ is a flag included in a Set-Cookie HTTP response header. It is not part of the :rfc:`2109` standard for cookies, and it isn't honored consistently by all browsers. However, when it is honored, it can be a -useful way to mitigate the risk of client side script accessing the +useful way to mitigate the risk of a client side script accessing the protected cookie data. Turning it on makes it less trivial for an attacker to escalate a cross-site |
