| field | value | date / path |
|---|---|---|
| author | Dave Jachimiak <dave.jachimiak@gmail.com> | 2014-02-14 11:36:03 -0500 |
| committer | Dave Jachimiak <dave.jachimiak@gmail.com> | 2014-02-14 11:36:03 -0500 |
| commit | 848e377a2017234e3831599346918fb8d413fd28 | |
| tree | 0bd14c57828e343e62e59b9ab8b34a17defa261e | /guides/source |
| parent | 820f635bfbde959750a1e0806e023462eea515b0 | |
Add verb to sanitization note
Diffstat (limited to 'guides/source')
-rw-r--r-- | guides/source/security.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/guides/source/security.md b/guides/source/security.md index 70fb066b64..ece431dae7 100644 --- a/guides/source/security.md +++ b/guides/source/security.md @@ -549,7 +549,7 @@ Injection is very tricky, because the same code or parameter can be malicious in ### Whitelists versus Blacklists -NOTE: _When sanitizing, protecting or verifying something, whitelists over blacklists._ +NOTE: _When sanitizing, protecting or verifying something, prefer whitelists over blacklists._ A blacklist can be a list of bad e-mail addresses, non-public actions or bad HTML tags. This is opposed to a whitelist which lists the good e-mail addresses, public actions, good HTML tags and so on. Although sometimes it is not possible to create a whitelist (in a SPAM filter, for example), _prefer to use whitelist approaches_: |
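Review bot: the missing verb was the only defect in the NOTE; "prefer whitelists over blacklists" now reads as a complete imperative sentence and uses the same verb as the body paragraph's "_prefer to use whitelist approaches_", so the guide states its rule consistently in both places. Nothing else in the hunk needs changing.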