author Tobias Kunze <r@rixx.de> 2019-06-17 16:54:55 +0200
committer Mariusz Felisiak <felisiak.mariusz@gmail.com> 2019-09-06 13:27:46 +0200
commit 4a954cfd11a5d034491f87fcbc920eb97a302bb3
tree 1c92caae5d8a9b33c51ddd74b4b2061248f3915f /docs/topics/security.txt
parent addabc492bdc0191ac95d59ec34b56b34086ebb9
Fixed #30573 -- Rephrased documentation to avoid words that minimise the involved difficulty.

This patch does not remove all occurrences of the words in question.
Rather, I went through all of the occurrences of the words listed
below, and judged if they a) suggested the reader had some kind of
knowledge/experience, and b) if they added anything of value (including
tone of voice, etc). I left most of the words alone. I looked at the
following words:

- simply/simple
- easy/easier/easiest
- obvious
- just
- merely
- straightforward
- ridiculous

Thanks to Carlton Gibson for guidance on how to approach this issue, and
to Tim Bell for providing the idea. But the enormous lion's share of
thanks go to Adam Johnson for his patient and helpful review.
Diffstat (limited to 'docs/topics/security.txt')
-rw-r--r-- docs/topics/security.txt 8
1 files changed, 4 insertions, 4 deletions
diff --git a/docs/topics/security.txt b/docs/topics/security.txt
index 549b473988..862b2de258 100644
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@@ -66,10 +66,10 @@ this if you know what you are doing. There are other :ref:`limitations
control.
:ref:`CSRF protection works <how-csrf-works>` by checking for a secret in each
-POST request. This ensures that a malicious user cannot simply "replay" a form
-POST to your website and have another logged in user unwittingly submit that
-form. The malicious user would have to know the secret, which is user specific
-(using a cookie).
+POST request. This ensures that a malicious user cannot "replay" a form POST to
+your website and have another logged in user unwittingly submit that form. The
+malicious user would have to know the secret, which is user specific (using a
+cookie).
When deployed with :ref:`HTTPS <security-recommendation-ssl>`,
``CsrfViewMiddleware`` will check that the HTTP referer header is set to a
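Review bot: in the reworded sentence ("This ensures that a malicious user cannot "replay" a form POST to your website ..."), dropping "simply" turns a statement about effort into an unconditional one, while the following sentence still makes the protection depend on the attacker not knowing the secret. Consider joining the two so the condition is part of the claim, for example "cannot "replay" a form POST ... without knowing the secret, which is user specific (using a cookie)". Since these lines are being rewrapped anyway, "logged in user" could also be hyphenated as "logged-in user".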