mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-12 18:30:48 +00:00
Code Issues 32 Releases Wiki Activity

[1.6.x] Fixed typo in topics/http/sessions.txt.

Browse Source 
Backport of 9348fc5628 from master
This commit is contained in:
Tim Graham 2013-11-18 19:10:58 -05:00
parent 833f7d11e8
commit 44469af34b
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/topics/http/sessions.txt
View File

@ -659,7 +659,7 @@ controlled by trusted users (or, are at least unable to set cookies).
For example, an attacker could log into ``good.example.com`` and get a valid
session for his account. If the attacker has control over ``bad.example.com``,
he can use it to send his session key to you since a subdomain is permitted
to set cookies on `*.example.com``. When you visit ``good.example.com``,
to set cookies on ``*.example.com``. When you visit ``good.example.com``,
you'll be logged in as the attacker and might inadvertently enter your
sensitive personal data (e.g. credit card info) into the attackers account.