summaryrefslogtreecommitdiff
path: root/docs/ref
diff options
context:
space:
mode:
Diffstat (limited to 'docs/ref')
-rw-r--r--docs/ref/clickjacking.txt4
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/ref/clickjacking.txt b/docs/ref/clickjacking.txt
index 234fab2fa8..cb0994e242 100644
--- a/docs/ref/clickjacking.txt
+++ b/docs/ref/clickjacking.txt
@@ -24,7 +24,7 @@ for convenience. An attacker site might create an "I Like Ponies" button on one
of their own pages, and load the store's page in a transparent iframe such that
the "Buy Now" button is invisibly overlaid on the "I Like Ponies" button. If the
user visits the attacker site and clicks "I Like Ponies" he will inadvertently
-click on the online store's "Buy Now" button and unknowningly purchase the item.
+click on the online store's "Buy Now" button and unknowingly purchase the item.
Preventing clickjacking
=======================
@@ -70,7 +70,7 @@ every outgoing ``HttpResponse``. If you want DENY instead, set the
When using the middleware there may be some views where you do **not** want the
X-Frame-Options header set. For those cases, you can use a view decorator that
-tells the middleware to not set the header::
+tells the middleware not to set the header::
from django.http import HttpResponse
from django.views.decorators.clickjacking import xframe_options_exempt