0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00

Fixed typo in docs/ref/settings.txt.

This commit is contained in:
Ian Lee 2016-11-11 04:01:48 -08:00 committed by Tim Graham
parent 8618a7eaa1
commit 501c993010

View File

@ -2971,7 +2971,7 @@ session cookie.
HTTPOnly_ is a flag included in a Set-Cookie HTTP response header. It
is not part of the :rfc:`2109` standard for cookies, and it isn't honored
consistently by all browsers. However, when it is honored, it can be a
useful way to mitigate the risk of client side script accessing the
useful way to mitigate the risk of a client side script accessing the
protected cookie data.
Turning it on makes it less trivial for an attacker to escalate a cross-site