diff options
| author | Ian Lee <IanLee1521@gmail.com> | 2016-11-11 04:01:48 -0800 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-11-11 07:01:48 -0500 |
| commit | 501c9930101060d63fb5c25c1dc0154a6c23b775 (patch) | |
| tree | 86ef5307b604243e6c08518a148a0f3a5ab80180 /docs | |
| parent | 8618a7eaa16bf11f41dd850b42858381f850ce0e (diff) | |
Fixed typo in docs/ref/settings.txt.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/settings.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index 756b7bae91..5f669115ab 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -2971,7 +2971,7 @@ session cookie. HTTPOnly_ is a flag included in a Set-Cookie HTTP response header. It is not part of the :rfc:`2109` standard for cookies, and it isn't honored consistently by all browsers. However, when it is honored, it can be a -useful way to mitigate the risk of client side script accessing the +useful way to mitigate the risk of a client side script accessing the protected cookie data. Turning it on makes it less trivial for an attacker to escalate a cross-site |
