docs: remove duplicate words & fix spelling (#810)

docs/docs/concepts/identity-data-model.md

@@ -72,7 +72,7 @@ traits:
 Identities are
 
 - `created` - via API or self-service registration);
-- `updated` - via API or self-serfice settings, account recovery, ...;
+- `updated` - via API or self-service settings, account recovery, ...;
 - `disabled` - not yet implemented, see
   [#598](https://github.com/ory/kratos/issues/598);
 - `deleted` - via API or with a self-service flow (not yet implemented see

docs/docs/concepts/index.md

@@ -62,7 +62,7 @@ Let's take a look at different approaches and software systems today.
 _Disclaimer: There are neither product nor project names in this section. This
 section's goal is to describe circumstances and problems that mostly stem from
 the community's experience. For information purposes, there is a preliminary
-comparision of ORY Kratos and other projects and products available at
+comparison of ORY Kratos and other projects and products available at
 [Comparison](../further-reading/comparison.md)_.
 
 Full-stack IAM is usually sold as a one-size-fits-all solution. Due to size and
@@ -236,7 +236,7 @@ Products in particular:
 
 - Small runtime footprint with an about five (5) MB binary running on all
   operating systems without any system, library, or VM dependencies;
-- Fully virtualised in a fifteen (15) MB Docker image;
+- Fully virtualized in a fifteen (15) MB Docker image;
 - Easy to manage with exactly one binary for the server and the cli;
 - Run-time orchestration using the latest Kubernetes providing fast and easy to
   use [Helm charts](https://github.com/ory/k8s);

docs/docs/guides/docker.md

@@ -10,7 +10,7 @@ title: Docker Images
 
 ## Image Variants
 
-The `Kratos` Docker images come in two different falvors, one with and one
+The `Kratos` Docker images come in two different flavors, one with and one
 without SQLite support. All Docker images with the postfix
 `kratos:<version>-sqlite` in the tag are compiled with embed SQLite support and
 uses libmusl. All Docker images (`kratos:<version>`) without the postfix
@@ -25,7 +25,7 @@ libraries and therefore have a smaller attack surface.
 
 In order to make the provided Docker images as useful as possible they can be
 configured through a set of supported Environment variables. In addition the
-default configuration directoy can be bound to a directory of choice to make it
+default configuration directory can be bound to a directory of choice to make it
 simple to pass in your own configuration files.
 
 ### Environment Variables
@@ -58,10 +58,10 @@ configuration file, but make it easy to pass in your own configuration file(s)
 by either binding a local directory or by creating your own custom Docker Image
 and adding the configuration file(s) to the custom image.
 
-#### Binding host directoy
+#### Binding host directory
 
 **Example:** In this example we start the standard Docker container with SQLite
-support and use the quickstart email-passwort example configuration files by
+support and use the quickstart email-password example configuration files by
 bind mounting the local directory. This example assumes that you checked out the
 Kratos Git repo and execute the Docker command in the Kratos Git repo directory:
 

docs/docs/guides/login-session.mdx

@@ -126,7 +126,7 @@ const protect = (req: Request, res: Response, next: NextFunction) => {
       res.redirect('/auth/login')
     })
 
-// const app = expres()
+// const app = express()
 // ...
 
 app.get('/', protect, dashboard)

docs/docs/guides/zero-trust-iap-proxy-identity-access-proxy.mdx

@@ -158,7 +158,7 @@ end
     SA --> KA
     KA -.belongs to.-> K
     KP -.belongs to.-> K
-    subgraph sa["SecureApp / kratos-serlfservice-ui-node Example"]
+    subgraph sa["SecureApp / kratos-selfservice-ui-node Example"]
         SA[SecureApp]
         SAD -.belongs to.-> SA
         SALU -.belongs to.-> SA

docs/docs/self-service.mdx

@@ -12,6 +12,7 @@ your profile and sign up yourself.
 import Tabs from '@theme/Tabs'
 import TabItem from '@theme/TabItem'
 import Mermaid from '@theme/Mermaid'
+import ApiWarning from '@theme/ApiWarning'
 
 import CodeTabs from '@theme/Code/CodeTabs'
 import { initBrowserFlow, initApiFlow } from './self-service/flows/code/login'
@@ -86,14 +87,7 @@ All Self-Service Flows ([User Login](self-service/flows/user-login.mdx),
 support these two flow types and use the same data models but do use different
 API endpoints.
 
-:::warning
-
-**Never use API flows to implement Browser applications!**
-
-Using API flows in Single-Page-Apps as well as server-side apps opens up several
-potential attack vectors, including including Login and other CSRF attacks.
-
-:::
+<ApiWarning />
 
 ## Browser Flows
 
@@ -314,14 +308,7 @@ and might issue a session cookie if configured to do so.
 
 ## API Flows
 
-:::warning
-
-**Never use API flows to implement Browser applications!**
-
-Using API flows in Single-Page-Apps as well as server-side apps opens up several
-potential attack vectors, including including Login and other CSRF attacks.
-
-:::
+<ApiWarning />
 
 API flows have three stages:
 
@@ -479,4 +466,4 @@ which in this case fails with a 400 Bad Request error and the following payload:
 ```
 
 On success, that endpoint would typically return a HTTP 200 Status OK response
-with the success `application/json` response paylaod in the body.
+with the success `application/json` response payload in the body.

docs/docs/self-service/flows/account-recovery.mdx

@@ -257,7 +257,7 @@ which returns a JSON response:
 
 Fetching the Recovery Flow
 ([REST API Reference](../../reference/api.mdx#get-recovery-flow)) is usually
-only required for browser clients but also works for Recovery Flows initializied
+only required for browser clients but also works for Recovery Flows initialized
 by API clients. All you need is a valid flow ID:
 
 <CodeTabs items={getFlow} />

docs/docs/self-service/flows/user-login.mdx

@@ -96,7 +96,7 @@ To initialize the Login Flow, point the Browser to the initialization endpoint:
 <CodeTabs items={initBrowserFlow} />
 
 The server responds with a HTTP 302 redirect to the Login UI, appending the
-`?flow=<flow-id>` query paremeter (see the curl example) to the URL configured
+`?flow=<flow-id>` query parameter (see the curl example) to the URL configured
 here:
 
 ```yaml title="path/to/config/kratos.yml"
@@ -131,7 +131,7 @@ which returns a JSON response:
 
 Fetching the Login Flow
 ([REST API Reference](../../reference/api.mdx#get-login-flow)) is usually only
-required for browser clients but also works for Login Flows initializied by API
+required for browser clients but also works for Login Flows initialized by API
 clients. All you need is a valid flow ID:
 
 <CodeTabs items={getFlow} />

docs/docs/self-service/flows/user-registration.mdx

@@ -101,7 +101,7 @@ endpoint:
 <CodeTabs items={initBrowserFlow} />
 
 The server responds with a HTTP 302 redirect to the Registration UI, appending
-the `?flow=<flow-id>` query paremeter (see the curl example) to the URL
+the `?flow=<flow-id>` query parameter (see the curl example) to the URL
 configured here:
 
 ```yaml title="path/to/config/kratos.yml"
@@ -137,7 +137,7 @@ which returns a JSON response:
 Fetching the Registration Flow
 ([REST API Reference](../../reference/api.mdx#get-registration-flow)) is usually
 only required for browser clients but also works for Registration Flows
-initializied by API clients. All you need is a valid Registration Flow ID:
+initialized by API clients. All you need is a valid Registration Flow ID:
 
 <CodeTabs items={getFlow} />
 

docs/docs/self-service/flows/user-settings.mdx

@@ -184,7 +184,7 @@ To initialize the Settings Flow, point the Browser to
 <CodeTabs items={initBrowserFlow} />
 
 The server responds with a HTTP 302 redirect to the Settings UI, appending the
-`?flow=<flow-id>` query paremeter (see the curl example) to the URL configured
+`?flow=<flow-id>` query parameter (see the curl example) to the URL configured
 here:
 
 ```yaml title="path/to/config/kratos.yml"
@@ -219,7 +219,7 @@ which returns a JSON response:
 
 Fetching the Settings Flow
 ([REST API Reference](../../reference/api.mdx#get-settings-flow)) is usually
-only required for browser clients but also works for Settings Flows initializied
+only required for browser clients but also works for Settings Flows initialized
 by API clients. All you need is a valid flow ID:
 
 <CodeTabs items={getFlow} />
@@ -417,7 +417,7 @@ Completing the settings update behaves differently for Browser and API Clients.
 
 When the profile update is completed successfully, ORY Kratos responds with a
 HTTP 302 Redirect to the Settings UI which now contains the success state
-(`state: success`) as well as the udpated identity:
+(`state: success`) as well as the updated identity:
 
 ```shell script
 $ curl -s -X GET \

docs/docs/self-service/flows/verify-email-account-activation.mdx

@@ -254,7 +254,7 @@ which returns a JSON response:
 Fetching the Verification Flow
 ([REST API Reference](../../reference/api.mdx#get-verification-flow)) is usually
 only required for browser clients but also works for Verification Flows
-initializied by API clients. All you need is a valid flow ID:
+initialized by API clients. All you need is a valid flow ID:
 
 <CodeTabs items={getFlow} />
 

docs/src/theme/ApiWarning.js

@@ -21,7 +21,7 @@ const ApiWarning = () => (
       </p>
       <p>
         Using API flows in Single-Page-Apps as well as server-side apps opens up several
-        potential attack vectors, including including Login and other CSRF attacks.
+        potential attack vectors, including Login and other CSRF attacks.
       </p>
     </div>
   </div>

docs/versioned_docs/version-v0.5/concepts/identity-data-model.md

@@ -72,7 +72,7 @@ traits:
 Identities are
 
 - `created` - via API or self-service registration);
-- `updated` - via API or self-serfice settings, account recovery, ...;
+- `updated` - via API or self-service settings, account recovery, ...;
 - `disabled` - not yet implemented, see
   [#598](https://github.com/ory/kratos/issues/598);
 - `deleted` - via API or with a self-service flow (not yet implemented see

docs/versioned_docs/version-v0.5/self-service.mdx

@@ -12,6 +12,7 @@ your profile and sign up yourself.
 import Tabs from '@theme/Tabs'
 import TabItem from '@theme/TabItem'
 import Mermaid from '@theme/Mermaid'
+import ApiWarning from '@theme/ApiWarning'
 
 import CodeTabs from '@theme/Code/CodeTabs'
 import { initBrowserFlow, initApiFlow } from './self-service/flows/code/login'
@@ -86,14 +87,7 @@ All Self-Service Flows ([User Login](self-service/flows/user-login.mdx),
 support these two flow types and use the same data models but do use different
 API endpoints.
 
-:::warning
-
-**Never use API flows to implement Browser applications!**
-
-Using API flows in Single-Page-Apps as well as server-side apps opens up several
-potential attack vectors, including including Login and other CSRF attacks.
-
-:::
+<ApiWarning />
 
 ## Browser Flows
 
@@ -314,14 +308,7 @@ and might issue a session cookie if configured to do so.
 
 ## API Flows
 
-:::warning
-
-**Never use API flows to implement Browser applications!**
-
-Using API flows in Single-Page-Apps as well as server-side apps opens up several
-potential attack vectors, including including Login and other CSRF attacks.
-
-:::
+<ApiWarning />
 
 API flows have three stages: