From afd375fc343baa46e61036087bc43b3d096bb0ca Mon Sep 17 00:00:00 2001 From: Tim Graham Date: Wed, 1 Nov 2017 10:57:59 -0400 Subject: Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples. --- docs/topics/http/sessions.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs/topics') diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt index 2112926cc0..ce5d8019bd 100644 --- a/docs/topics/http/sessions.txt +++ b/docs/topics/http/sessions.txt @@ -653,7 +653,7 @@ you'll be logged in as the attacker and might inadvertently enter your sensitive personal data (e.g. credit card info) into the attackers account. Another possible attack would be if ``good.example.com`` sets its -:setting:`SESSION_COOKIE_DOMAIN` to ``".example.com"`` which would cause +:setting:`SESSION_COOKIE_DOMAIN` to ``"example.com"`` which would cause session cookies from that site to be sent to ``bad.example.com``. Technical details -- cgit v1.3