diff options
| author | terminator14 <terminator14@users.noreply.github.com> | 2019-07-23 07:10:58 -0600 |
|---|---|---|
| committer | Mariusz Felisiak <felisiak.mariusz@gmail.com> | 2019-07-23 15:10:58 +0200 |
| commit | 8323691de0ba120dbdc8055063574df2b0c0afa4 (patch) | |
| tree | b1395706ab56246320fefeaa2b3accdd4ef77422 /docs | |
| parent | 8d52a525c806ab162efb236e3e93785be9585184 (diff) | |
Fixed typo in docs/topics/http/sessions.txt.
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/topics/http/sessions.txt | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/topics/http/sessions.txt b/docs/topics/http/sessions.txt index 313f33bfb9..757e60c341 100644 --- a/docs/topics/http/sessions.txt +++ b/docs/topics/http/sessions.txt @@ -658,7 +658,7 @@ session for their account. If the attacker has control over ``bad.example.com``, they can use it to send their session key to you since a subdomain is permitted to set cookies on ``*.example.com``. When you visit ``good.example.com``, you'll be logged in as the attacker and might inadvertently enter your -sensitive personal data (e.g. credit card info) into the attackers account. +sensitive personal data (e.g. credit card info) into the attacker's account. Another possible attack would be if ``good.example.com`` sets its :setting:`SESSION_COOKIE_DOMAIN` to ``"example.com"`` which would cause |