author | Joey Hess <joey@kitenet.net> | 2011-03-17 17:09:39 -0400 |
---|---|---|
committer | Joey Hess <joey@kitenet.net> | 2011-03-17 17:09:39 -0400 |
commit | 4b5e4a9e37b1f28a68bec8c78a8fe3ef4b811f3b (patch) | |
tree | bbbdeb3814ff2491daeec9a4a0d8bd899d420297 /doc/security.mdwn | |
parent | d162bf767e1e57502c4a767fa5a6ec42a5857c59 (diff) | |
parent | 70f646248821ebd608b65481d0f85fac8931f42e (diff) |
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
Diffstat (limited to 'doc/security.mdwn')
-rw-r--r-- | doc/security.mdwn | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/doc/security.mdwn b/doc/security.mdwn index 52d9d3dc0..770927e26 100644 --- a/doc/security.mdwn +++ b/doc/security.mdwn @@ -441,7 +441,7 @@ A fix was also backported to Debian etch, as version 2.53.5. I recommend upgrading to one of these versions if your wiki can be edited by third parties. -## javascript insertation via insufficient htmlscrubbing of comments +## javascript insertion via insufficient htmlscrubbing of comments Kevin Riggle noticed that it was not possible to configure `htmlscrubber_skip` to scrub comments while leaving unscubbed the text @@ -454,7 +454,7 @@ preview or moderation of comments with such a configuration. These problems were discovered on 12 November 2010 and fixed the same hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]]) -## javascript insertation via insufficient checking in comments +## javascript insertion via insufficient checking in comments Dave B noticed that attempting to comment on an illegal page name could be used for an XSS attack. |
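Review bot: The context line in the first hunk (@@ -441,7 +441,7 @@) still reads "leaving unscubbed the text", so the section keeps a spelling error right below the heading this change corrects. Change "unscubbed" to "unscrubbed" in the same commit so the entry for CVE-2010-1673 is clean in one pass.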
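Review bot: The corrected heading in the second hunk (@@ -454,7 +454,7 @@), "javascript insertion via insufficient checking in comments", now differs from the heading in the first hunk only in "checking" versus "htmlscrubbing", which makes the two advisories easy to confuse when scanning or linking to the page. Since the line is being touched anyway, consider naming the trigger given in the paragraph under it, for example "javascript insertion via comments on illegal page names".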