Getting rid of some of the pre-existent content in the AR basics guide, adding new stuff to it.

1 files changed, 1 insertions, 1 deletions

diff --git a/railties/doc/guides/html/security.html b/railties/doc/guides/html/security.html
index 371decda64..4751e9f92b 100644
--- a/railties/doc/guides/html/security.html
+++ b/railties/doc/guides/html/security.html
@@ -326,7 +326,7 @@ The user has his credit back.
 </div>

 </div>

 <div class="paragraph"><p>This attack focuses on fixing a user&#8217;s session id known to the attacker, and forcing the user&#8217;s browser into using this id. It is therefore not necessary for the attacker to steal the session id afterwards. Here is how this attack works:</p></div>

-<div class="olist arabic"><ol class="arabic">

+<div class="olist"><ol>

 <li>

 <p>

 The attacker creates a valid session id: He loads the login page of the web application where he wants to fix the session, and takes the session id in the cookie from the response (see number 1 and 2 in the image).