mirror of
				https://github.com/django/django.git
				synced 2025-10-25 22:56:12 +00:00 
			
		
		
		
	Fixed typo in topics/http/sessions.txt.
This commit is contained in:
		| @@ -662,7 +662,7 @@ controlled by trusted users (or, are at least unable to set cookies). | |||||||
| For example, an attacker could log into ``good.example.com`` and get a valid | For example, an attacker could log into ``good.example.com`` and get a valid | ||||||
| session for his account. If the attacker has control over ``bad.example.com``, | session for his account. If the attacker has control over ``bad.example.com``, | ||||||
| he can use it to send his session key to you since a subdomain is permitted | he can use it to send his session key to you since a subdomain is permitted | ||||||
| to set cookies on `*.example.com``. When you visit ``good.example.com``, | to set cookies on ``*.example.com``. When you visit ``good.example.com``, | ||||||
| you'll be logged in as the attacker and might inadvertently enter your | you'll be logged in as the attacker and might inadvertently enter your | ||||||
| sensitive personal data (e.g. credit card info) into the attackers account. | sensitive personal data (e.g. credit card info) into the attackers account. | ||||||
|  |  | ||||||
|   | |||||||
		Reference in New Issue
	
	Block a user