Commitcc40b5c

committed

Adding missing words thanks to javiereguiluz

1 parent1c568e1 commitcc40b5cCopy full SHA for cc40b5c

File tree

-3

lines changed

-3

lines changed

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -16,9 +16,9 @@ Why Caching Pages with a CSRF token are Problematic`
`16`	`16`	`Typically, each user is assigned a unique CSRF token, which is stored in`
`17`	`17`	`the session for validation. This means that if you do cache a page with`
`18`	`18`	`a form containing a CSRF token, you'll cache the CSRF token of the first`
`19`		`-user only. When a user submits, the token won't match the token stored in`
`20`		`-the session and all users (except for the first) will fail CSRF validation`
`21`		`-when submitting the form.`
	`19`	`+user only. When a user submits the form, the token won't match the token`
	`20`	`+stored inthe session and all users (except for the first) will fail CSRF`
	`21`	`+validationwhen submitting the form.`
`22`	`22`
`23`	`23`	`In fact, many reverse proxies (like Varnish) will refuse to cache a page`
`24`	`24`	`with a CSRF token. This is because a cookie is sent in order to preserve`

Comments

(0)