aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDaniel Lopes <danielvlopes@gmail.com>2012-06-07 15:33:38 -0300
committerDaniel Lopes <danielvlopes@gmail.com>2012-06-07 15:33:38 -0300
commitfaf27445d0f3bccdde6624ac0c7e156fdb263e5b (patch)
tree24196ef3a6db87dd5dbd773f07ee2135235179ea
parent39856627e0e3d50db4eb400bdfaca3bc0958d211 (diff)
downloadrails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.tar.gz
rails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.tar.bz2
rails-faf27445d0f3bccdde6624ac0c7e156fdb263e5b.zip
fix typos on the CSRF whitelisting doc
-rw-r--r--actionpack/lib/action_controller/metal/request_forgery_protection.rb6
1 files changed, 3 insertions, 3 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
index eb7057d278..c99fed9212 100644
--- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb
+++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb
@@ -8,10 +8,10 @@ module ActionController #:nodoc:
# Controller actions are protected from Cross-Site Request Forgery (CSRF) attacks
# by including a token in the rendered html for your application. This token is
# stored as a random string in the session, to which an attacker does not have
- # access. When a request reaches your application, Rails verifies the received
+ # access. When a request reaches your application, \Rails verifies the received
# token with the token in the session. All requests are checked except GET requests
- # as these should be idempotent. It's is important to remember that XML or JSON
- # requests are also affected and if you're building an API you'll need
+ # as these should be idempotent. It's important to remember that XML or JSON
+ # requests are also affected and if you're building an API you'll need
# something like that:
#
# class ApplicationController < ActionController::Base