diff options
| author | Chris McDonough <chrism@plope.com> | 2010-12-29 03:37:34 -0500 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2010-12-29 03:37:34 -0500 |
| commit | 0e525ce7315e9962372267966eda6bc76ff99f02 (patch) | |
| tree | 20497400af6bcb2199dd99bd67c9b81636e85f82 /docs | |
| parent | 7e9d3c17bc2fbd4841dbf58509ddd75028971dd9 (diff) | |
| download | pyramid-0e525ce7315e9962372267966eda6bc76ff99f02.tar.gz pyramid-0e525ce7315e9962372267966eda6bc76ff99f02.tar.bz2 pyramid-0e525ce7315e9962372267966eda6bc76ff99f02.zip | |
typo
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/narr/csrf.rst | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/narr/csrf.rst b/docs/narr/csrf.rst index 7586b0ed7..2f545fb4f 100644 --- a/docs/narr/csrf.rst +++ b/docs/narr/csrf.rst @@ -9,7 +9,7 @@ phenomenon whereby a user with an identity on your website might click on a URL or button on another website which unwittingly redirects the user to your application to perform some command that requires elevated privileges. -You can avoid most of these attacks by making sure that a the correct *CSRF +You can avoid most of these attacks by making sure that the correct *CSRF token* has been set in an :app:`Pyramid` session object before performing any actions in code which requires elevated privileges and is invoked via a form post. To use CSRF token support, you must enable a :term:`session factory` |