From 501c9930101060d63fb5c25c1dc0154a6c23b775 Mon Sep 17 00:00:00 2001 From: Ian Lee Date: Fri, 11 Nov 2016 04:01:48 -0800 Subject: [PATCH] Fixed typo in docs/ref/settings.txt. --- docs/ref/settings.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index 756b7bae911..5f669115ab7 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -2971,7 +2971,7 @@ session cookie. HTTPOnly_ is a flag included in a Set-Cookie HTTP response header. It is not part of the :rfc:`2109` standard for cookies, and it isn't honored consistently by all browsers. However, when it is honored, it can be a -useful way to mitigate the risk of client side script accessing the +useful way to mitigate the risk of a client side script accessing the protected cookie data. Turning it on makes it less trivial for an attacker to escalate a cross-site