1
0
mirror of https://github.com/django/django.git synced 2024-12-23 09:36:06 +00:00

Fixes #16482 -- Fixes typo in security docs. Thanks, charettes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16560 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Jannis Leidel 2011-07-29 09:39:55 +00:00
parent 441c4e08cd
commit f0280f2e94

View File

@ -15,7 +15,7 @@ Cross site scripting (XSS) protection
XSS attacks allow a user to inject client side scripts into the browsers of XSS attacks allow a user to inject client side scripts into the browsers of
other users. This is usually achieved by storing the malicious scripts in the other users. This is usually achieved by storing the malicious scripts in the
database where it will be retrieved and displayed to other users, or by getting database where it will be retrieved and displayed to other users, or by getting
users to click a link which will cause the attacker's javascript to be executred users to click a link which will cause the attacker's javascript to be executed
by the user's browser. However, XSS attacks can originate from any untrusted by the user's browser. However, XSS attacks can originate from any untrusted
source of data, such as cookies or web services, whenever the data is not source of data, such as cookies or web services, whenever the data is not
sufficiently sanitized before including in a page. sufficiently sanitized before including in a page.