diff options
author | Daniel Lopes <danielvlopes@gmail.com> | 2012-06-07 15:33:38 -0300 |
---|---|---|
committer | Daniel Lopes <danielvlopes@gmail.com> | 2012-06-07 15:33:38 -0300 |
commit | faf27445d0f3bccdde6624ac0c7e156fdb263e5b (patch) | |
tree | 24196ef3a6db87dd5dbd773f07ee2135235179ea | |
parent | 39856627e0e3d50db4eb400bdfaca3bc0958d211 (diff) | |
download | rails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.tar.gz rails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.tar.bz2 rails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.zip |
fix typos on the CSRF whitelisting doc
-rw-r--r-- | actionpack/lib/action_controller/metal/request_forgery_protection.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index eb7057d278..c99fed9212 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -8,10 +8,10 @@ module ActionController #:nodoc: # Controller actions are protected from Cross-Site Request Forgery (CSRF) attacks # by including a token in the rendered html for your application. This token is # stored as a random string in the session, to which an attacker does not have - # access. When a request reaches your application, Rails verifies the received + # access. When a request reaches your application, \Rails verifies the received # token with the token in the session. All requests are checked except GET requests - # as these should be idempotent. It's is important to remember that XML or JSON - # requests are also affected and if you're building an API you'll need + # as these should be idempotent. It's important to remember that XML or JSON + # requests are also affected and if you're building an API you'll need # something like that: # # class ApplicationController < ActionController::Base |