From 71c7fd101324046995d8f7e51e78475c0e37ec1a Mon Sep 17 00:00:00 2001 From: Hendy Tanata Date: Fri, 8 Aug 2014 14:25:18 -0700 Subject: Uppercase HTML in docs. [skip ci] --- actionpack/lib/action_controller/metal/request_forgery_protection.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actionpack/lib/action_controller/metal/request_forgery_protection.rb') diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index 0efa0fb259..7afbd767ce 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -9,7 +9,7 @@ module ActionController #:nodoc: end # Controller actions are protected from Cross-Site Request Forgery (CSRF) attacks - # by including a token in the rendered html for your application. This token is + # by including a token in the rendered HTML for your application. This token is # stored as a random string in the session, to which an attacker does not have # access. When a request reaches your application, \Rails verifies the received # token with the token in the session. Only HTML and JavaScript requests are checked, @@ -44,7 +44,7 @@ module ActionController #:nodoc: # # The token parameter is named authenticity_token by default. The name and # value of this token must be added to every layout that renders forms by including - # csrf_meta_tags in the html +head+. + # csrf_meta_tags in the HTML +head+. # # Learn more about CSRF attacks and securing your application in the # {Ruby on Rails Security Guide}[http://guides.rubyonrails.org/security.html]. -- cgit v1.2.3