summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorAlex Gaynor <alex.gaynor@gmail.com>2013-11-24 21:05:59 -0600
committerAlex Gaynor <alex.gaynor@gmail.com>2013-11-24 21:05:59 -0600
commit4e07d93325b3989073b181e4505f2e6ed707743b (patch)
tree3d903b4026b4f851d169ad09478c7a7fdce0b795 /docs
parenteb38257e5199ca06b8b32f82dd50f64fd6b0d98d (diff)
Fixed some unnescesarily gendered language in the docs
Diffstat (limited to 'docs')
-rw-r--r--docs/internals/git.txt4
-rw-r--r--docs/topics/cache.txt4
-rw-r--r--docs/topics/http/sessions.txt6
-rw-r--r--docs/topics/templates.txt2
4 files changed, 8 insertions, 8 deletions
diff --git a/docs/internals/git.txt b/docs/internals/git.txt
index 3904ff83d4..e1d70be372 100644
--- a/docs/internals/git.txt
+++ b/docs/internals/git.txt
@@ -135,8 +135,8 @@ Feature-development branches
.. admonition:: Historical information
Since Django moved to Git in 2012, anyone can clone the repository and
- create his own branches, alleviating the need for official branches in the
- source code repository.
+ create their own branches, alleviating the need for official branches in
+ the source code repository.
The following section is mostly useful if you're exploring the repository's
history, for example if you're trying to understand how some features were
diff --git a/docs/topics/cache.txt b/docs/topics/cache.txt
index 409bd42827..e08ea5f960 100644
--- a/docs/topics/cache.txt
+++ b/docs/topics/cache.txt
@@ -1027,8 +1027,8 @@ expose incorrect or sensitive data to subsequent visitors to those pages.
For example, say you operate a Web email system, and the contents of the
"inbox" page obviously depend on which user is logged in. If an ISP blindly
cached your site, then the first user who logged in through that ISP would have
-his user-specific inbox page cached for subsequent visitors to the site. That's
-not cool.
+their user-specific inbox page cached for subsequent visitors to the site.
+That's not cool.
Fortunately, HTTP provides a solution to this problem. A number of HTTP headers
exist to instruct upstream caches to differ their cache contents depending on
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt
index abc99800dd..d39b8344c6 100644
--- a/docs/topics/http/sessions.txt
+++ b/docs/topics/http/sessions.txt
@@ -330,7 +330,7 @@ Before version 1.6, Django defaulted to using :mod:`pickle` to serialize
session data before storing it in the backend. If you're using the :ref:`signed
cookie session backend<cookie-session-backend>` and :setting:`SECRET_KEY` is
known by an attacker (there isn't an inherent vulnerability in Django that
-would cause it to leak), the attacker could insert a string into his session
+would cause it to leak), the attacker could insert a string into their session
which, when unpickled, executes arbitrary code on the server. The technique for
doing so is simple and easily available on the internet. Although the cookie
session storage signs the cookie-stored data to prevent tampering, a
@@ -659,8 +659,8 @@ domain. This makes session fixation possible if all subdomains are not
controlled by trusted users (or, are at least unable to set cookies).
For example, an attacker could log into ``good.example.com`` and get a valid
-session for his account. If the attacker has control over ``bad.example.com``,
-he can use it to send his session key to you since a subdomain is permitted
+session for their account. If the attacker has control over ``bad.example.com``,
+they can use it to send their session key to you since a subdomain is permitted
to set cookies on ``*.example.com``. When you visit ``good.example.com``,
you'll be logged in as the attacker and might inadvertently enter your
sensitive personal data (e.g. credit card info) into the attackers account.
diff --git a/docs/topics/templates.txt b/docs/topics/templates.txt
index c75b83f158..b1389b85f6 100644
--- a/docs/topics/templates.txt
+++ b/docs/topics/templates.txt
@@ -432,7 +432,7 @@ template fragment::
Hello, {{ name }}.
At first, this seems like a harmless way to display a user's name, but consider
-what would happen if the user entered his name as this::
+what would happen if the user entered their name as this::
<script>alert('hello')</script>