mirror of
https://github.com/django/django.git
synced 2024-12-23 09:36:06 +00:00
Fixes #16482 -- Fixes typo in security docs. Thanks, charettes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16560 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
441c4e08cd
commit
f0280f2e94
@ -15,7 +15,7 @@ Cross site scripting (XSS) protection
|
|||||||
XSS attacks allow a user to inject client side scripts into the browsers of
|
XSS attacks allow a user to inject client side scripts into the browsers of
|
||||||
other users. This is usually achieved by storing the malicious scripts in the
|
other users. This is usually achieved by storing the malicious scripts in the
|
||||||
database where it will be retrieved and displayed to other users, or by getting
|
database where it will be retrieved and displayed to other users, or by getting
|
||||||
users to click a link which will cause the attacker's javascript to be executred
|
users to click a link which will cause the attacker's javascript to be executed
|
||||||
by the user's browser. However, XSS attacks can originate from any untrusted
|
by the user's browser. However, XSS attacks can originate from any untrusted
|
||||||
source of data, such as cookies or web services, whenever the data is not
|
source of data, such as cookies or web services, whenever the data is not
|
||||||
sufficiently sanitized before including in a page.
|
sufficiently sanitized before including in a page.
|
||||||
|
Loading…
Reference in New Issue
Block a user