diff options
| author | xue <> | 2007-03-05 16:05:43 +0000 |
|---|---|---|
| committer | xue <> | 2007-03-05 16:05:43 +0000 |
| commit | b29a1544cac088cbdffa0b36f5d3bdebf1b18264 (patch) | |
| tree | fdce7ef0f1a3af29c9551a5ad0505fd1daa5e496 /demos/quickstart/protected/pages/Advanced | |
| parent | 0f818e91896908ae1d87388b16d583dd56812f92 (diff) | |
merge from 3.0 branch till 1740.
Diffstat (limited to 'demos/quickstart/protected/pages/Advanced')
| -rw-r--r-- | demos/quickstart/protected/pages/Advanced/Security.page | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/demos/quickstart/protected/pages/Advanced/Security.page b/demos/quickstart/protected/pages/Advanced/Security.page index a515bd0a..7aaab552 100644 --- a/demos/quickstart/protected/pages/Advanced/Security.page +++ b/demos/quickstart/protected/pages/Advanced/Security.page @@ -47,7 +47,7 @@ There are several countermeasures to prevent cookies from being attacked. <ul id="u1" class="block-content">
<li>An application can use SSL to create a secure communication channel and only pass the authentication cookie over an HTTPS connection. Attackers are thus unable to decipher the contents in the transferred cookies.</li>
<li>Expire sessions appropriately, including all cookies and session tokens, to reduce the likelihood of being attacked.</li>
- <li>Prevent <a href="?page=Security.XSS">cross-site scripting (XSS)</a> which causes arbitrary code to run in a user's browser and expose his cookies.</li>
+ <li>Prevent cross-site scripting (XSS) which causes arbitrary code to run in a user's browser and expose his cookies.</li>
<li>Validate cookie data and detect if they are altered.</li>
</ul>
<p id="730573" class="block-content">
|