Permalink
Browse files

changed sentence

  • Loading branch information...
1 parent 24b78df commit 8fa1235c2734a921b633cde498318dbafa959284 @dallastaylor dallastaylor committed Apr 28, 2009
Showing with 1 addition and 1 deletion.
  1. +1 −1 railties/guides/source/security.textile
@@ -967,7 +967,7 @@ Transfer-Encoding: chunked
Content-Type: text/html
</plain>
-Under certain circumstances this would present the malicious HTML to the victim. However, this seems to work with Keep-Alive connections, only (and many browsers are using one-time connections). But you can't rely on this. _(highlight)In any case this is a serious bug, and you should update your Rails to version 2.0.5 or 2.1.2 to eliminate Header Injection (and thus response splitting) risks._
+Under certain circumstances this would present the malicious HTML to the victim. However, this only seems to work with Keep-Alive connections (and many browsers are using one-time connections). But you can't rely on this. _(highlight)In any case this is a serious bug, and you should update your Rails to version 2.0.5 or 2.1.2 to eliminate Header Injection (and thus response splitting) risks._
h3. Additional Resources

0 comments on commit 8fa1235

Please sign in to comment.