author | yui-knk <spiketeika@gmail.com> | 2015-07-24 22:15:08 +0900 |
---|---|---|
committer | yui-knk <spiketeika@gmail.com> | 2015-07-24 22:15:08 +0900 |
commit | 0868b4cec92dba5474e9faa12944a66c7f50fd15 (patch) | |
tree | 61f81eea0c2208bff6e4481bd16720dd06c5d28f /guides/source | |
parent | 14354f195540954a1dfc5c954d06389c9f71e986 (diff) | |
[ci skip] Minor fix
* add a space
* add a `.`
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/security.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md index 485b108d12..58f79901f1 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -1011,7 +1011,7 @@ Here is a list of common headers: * X-Frame-Options _'SAMEORIGIN' in Rails by default_ - allow framing on same domain. Set it to 'DENY' to deny framing at all or 'ALLOWALL' if you want to allow framing for all website. * X-XSS-Protection -_'1; mode=block' in Rails by default_ - use XSS Auditor and block page if XSS attack is detected. Set it to '0;' if you want to switch XSS Auditor off(useful if response contents scripts from request parameters) +_'1; mode=block' in Rails by default_ - use XSS Auditor and block page if XSS attack is detected. Set it to '0;' if you want to switch XSS Auditor off (useful if response contents scripts from request parameters). * X-Content-Type-Options _'nosniff' in Rails by default_ - stops the browser from guessing the MIME type of a file. * X-Content-Security-Policy |
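Review bot: The rewritten X-XSS-Protection line still reads "if response contents scripts from request parameters"; "contents" should be "contains", and since this commit already touches the line for spacing and the full stop, that is worth fixing in the same change. The unchanged X-Frame-Options context line just above has a similar slip ("allow framing for all website" rather than "websites") that could go into the same pass. Because the parenthetical recommends switching the XSS Auditor off exactly when a response reflects scripts from request parameters, consider adding a short clause saying that such output still has to be escaped or otherwise validated by the application, so the sentence is not read as a reason to drop the header and nothing else.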