From a205f438dbc9a498d4cad31a54e50b63007d4ef2 Mon Sep 17 00:00:00 2001 From: Travis Paul Date: Tue, 14 Apr 2020 17:27:15 +0800 Subject: Typofix s/than/that/ --- doc/source/features.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/source/features.rst') diff --git a/doc/source/features.rst b/doc/source/features.rst index 407b9c7..3f40120 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst @@ -444,7 +444,7 @@ or ``is_callable`` with *suspicious* parameters. Some PHP applications are using broad rights when using the ``chmod`` function, like the infamous ``chmod(777)`` command, effectively making the file writable by everyone. Snuffleupagus is preventing this kind of behaviour by restricting the parameters -than can be passed to ``chmod``. +that can be passed to ``chmod``. Arbitrary file inclusion hardening """""""""""""""""""""""""""""""""" -- cgit v1.3 From 47d25cea2b34f8dc214a8aa5f748c5efe6455b96 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sun, 7 Jun 2020 21:20:57 +0200 Subject: Fix a link in the documentation Instead of linking to an intermediary page, link directly to the cookie's one. --- doc/source/features.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'doc/source/features.rst') diff --git a/doc/source/features.rst b/doc/source/features.rst index 3f40120..0c23dc1 100644 --- a/doc/source/features.rst +++ b/doc/source/features.rst @@ -73,7 +73,7 @@ Like *Suhosin*, we are encrypting the cookies with a secret key, an environment variable (usually the IP of the user) and the user's user-agent. This means that an attacker with an XSS won't be able to use the stolen cookie, since he can't spoof the content of the value of the environment -variable for the user. Please do read the :ref:`documentation about this feature ` +variable for the user. Please do read the :ref:`documentation about this feature ` if you're planning to use it. This feature is roughly the same than the `Suhosin one `_. -- cgit v1.3