innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity

Fixed typo in topics/http/sessions.txt.

This commit is contained in:
Tim Graham 2013-11-18 19:10:58 -05:00
parent 3f19b63f8b
commit 9348fc5628
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/topics/http/sessions.txt
View File

@ -662,7 +662,7 @@ controlled by trusted users (or, are at least unable to set cookies).
For example, an attacker could log into ``good.example.com`` and get a valid For example, an attacker could log into ``good.example.com`` and get a valid
session for his account. If the attacker has control over ``bad.example.com``, session for his account. If the attacker has control over ``bad.example.com``,
he can use it to send his session key to you since a subdomain is permitted he can use it to send his session key to you since a subdomain is permitted
to set cookies on `*.example.com``. When you visit ``good.example.com``, to set cookies on ``*.example.com``. When you visit ``good.example.com``,
you'll be logged in as the attacker and might inadvertently enter your you'll be logged in as the attacker and might inadvertently enter your
sensitive personal data (e.g. credit card info) into the attackers account. sensitive personal data (e.g. credit card info) into the attackers account.