Skip to content

Commit bda070d

Browse files
christianlupuschristianlupus
committed
Fix warning in RST code
Signed-off-by: Christian Wolf <[email protected]>
1 parent 146e624 commit bda070d

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

developer_manual/prologue/security.rst

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -218,7 +218,7 @@ Always store user data or configuration files in safe locations, e.g. **nextclou
218218
Cross site request forgery
219219
--------------------------
220220

221-
Using `CSRF <https://en.wikipedia.org/wiki/Cross-site_request_forgery>`_ (see also on `MDN <https://developer.mozilla.org/en-US/docs/Glossary/CSRF>`_) one can trick a user into executing a request that they did not want to make. Thus every POST and GET request needs to be protected against it. The only places where no CSRF checks are needed are in the main template, which is rendering the application, or in externally callable interfaces.
221+
Using `CSRF <https://en.wikipedia.org/wiki/Cross-site_request_forgery>`_ (see also on `MDN <https://developer.mozilla.org/en-US/docs/Glossary/CSRF>`__) one can trick a user into executing a request that they did not want to make. Thus every POST and GET request needs to be protected against it. The only places where no CSRF checks are needed are in the main template, which is rendering the application, or in externally callable interfaces.
222222

223223
.. note:: Submitting a form is also a POST/GET request!
224224

@@ -260,7 +260,7 @@ Always validate the URL before redirecting if the requested URL is on the same d
260260
CORS
261261
----
262262

263-
`Cross-origin resource sharing (CORS) <https://en.wikipedia.org/wiki/Cross-origin_resource_sharing>`_ (see also on `MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS>`_) is a method impleneted by browser to access resources from different domains at the same time.
263+
`Cross-origin resource sharing (CORS) <https://en.wikipedia.org/wiki/Cross-origin_resource_sharing>`_ (see also on `MDN <https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS>`__) is a method impleneted by browser to access resources from different domains at the same time.
264264
Assume, there is a website published on host A.
265265
The URL would for example be https://A/path/to/index.html.
266266
If there is a _different_ host B that serves a resource (e.g. an image file) as https://B/assets/image.jpg, the index file on host A could simply link to the image on B.

0 commit comments

Comments
 (0)