diff options
| author | jvoisin | 2017-12-22 11:46:45 +0100 |
|---|---|---|
| committer | jvoisin | 2017-12-22 11:46:45 +0100 |
| commit | 527b2d31632d1aa678d7aa7c0c1b9bfc948969dc (patch) | |
| tree | 7fbfa4cdc160a9fb09451ff49517215d94c8e7e1 /doc | |
| parent | abba60788625acf89dc670be478de3a351adb55b (diff) | |
Fix a typo spotted by @xxx-caillou-xxx
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/source/features.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/source/features.rst b/doc/source/features.rst index ee39682..073bd8d 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst | |||
| @@ -330,7 +330,7 @@ is when unauthorised commands are issued from a user that the application trusts | |||
| 330 | For example, if a user is authenticated on a banking website, | 330 | For example, if a user is authenticated on a banking website, |
| 331 | an other site might present something like | 331 | an other site might present something like |
| 332 | ``<img src="http://mybank.com/transfer?from=user&to=attack&amount=1337EUR">``, | 332 | ``<img src="http://mybank.com/transfer?from=user&to=attack&amount=1337EUR">``, |
| 333 | effectivement transfering money from the user's account to the attacker one. | 333 | effectively transferring money from the user's account to the attacker one. |
| 334 | 334 | ||
| 335 | Snuffleupagus can prevent this (in `supported browsers <https://caniuse.com/#search=samesite>`__) | 335 | Snuffleupagus can prevent this (in `supported browsers <https://caniuse.com/#search=samesite>`__) |
| 336 | by setting the `samesite <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7>`__ | 336 | by setting the `samesite <https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-5.3.7>`__ |