summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorArtur Juraszek <artur@juraszek.xyz>2018-10-29 23:19:04 +0100
committerTim Graham <timograham@gmail.com>2018-10-30 18:30:51 -0400
commit817c6cdf0e2a72362045ca503af01830df9b9d36 (patch)
tree9c9a9efd190546275b0ecb36178cf2fbc00d83c1 /docs
parentc1c68d1ac0f0d50eb37df32892b132f31a1179da (diff)
Capitalized SecurityMiddleware headers for consistency with other headers.
(No behavior change since HTTP headers are case insensitive.)
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/checks.txt4
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/ref/checks.txt b/docs/ref/checks.txt
index dd74639d33..0173f437d0 100644
--- a/docs/ref/checks.txt
+++ b/docs/ref/checks.txt
@@ -347,11 +347,11 @@ The following checks are run if you use the :option:`check --deploy` option:
your domain should be served exclusively via SSL.
* **security.W006**: Your :setting:`SECURE_CONTENT_TYPE_NOSNIFF` setting is not
set to ``True``, so your pages will not be served with an
- ``'x-content-type-options: nosniff'`` header. You should consider enabling
+ ``'X-Content-Type-Options: nosniff'`` header. You should consider enabling
this header to prevent the browser from identifying content types incorrectly.
* **security.W007**: Your :setting:`SECURE_BROWSER_XSS_FILTER` setting is not
set to ``True``, so your pages will not be served with an
- ``'x-xss-protection: 1; mode=block'`` header. You should consider enabling
+ ``'X-XSS-Protection: 1; mode=block'`` header. You should consider enabling
this header to activate the browser's XSS filtering and help prevent XSS
attacks.
* **security.W008**: Your :setting:`SECURE_SSL_REDIRECT` setting is not set to