From dd6222b13cbf6a4527018af966a2724beb81e053 Mon Sep 17 00:00:00 2001 From: Aaron Melocik Date: Thu, 18 Jun 2015 08:40:43 -0700 Subject: Remove superfluous *Best Practices* parenthetical In the documentation at user_guide/general/security.html#best-practices, the 3-item list has a superfluous parenthetical that is also misplaced. This parenthetical currently is at the end of the first list item, though it refers to a step that can replace the first item. As per narfbg's request in PR https://github.com/bcit-ci/CodeIgniter/pull/3915, this change removes the parenthetical entirely. The change is: BEFORE: #. Validate the data to ensure it conforms to the correct type, length, size, etc. (sometimes this step can replace step one) #. Filter the data as if it were tainted. #. Escape the data before submitting it into your database or outputting it to a browser. AFTER: #. Validate the data to ensure it conforms to the correct type, length, size, etc. #. Filter the data as if it were tainted. #. Escape the data before submitting it into your database or outputting it to a browser. --- user_guide_src/source/general/security.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'user_guide_src/source') diff --git a/user_guide_src/source/general/security.rst b/user_guide_src/source/general/security.rst index fcfe4c24b..d4120d162 100644 --- a/user_guide_src/source/general/security.rst +++ b/user_guide_src/source/general/security.rst @@ -61,7 +61,7 @@ data from the SERVER array, you are encouraged to practice this three step approach: #. Validate the data to ensure it conforms to the correct type, length, - size, etc. (sometimes this step can replace step one) + size, etc. #. Filter the data as if it were tainted. #. Escape the data before submitting it into your database or outputting it to a browser. @@ -199,4 +199,4 @@ file to restrict access to those resources. CodeIgniter will have an index.html file in all of its directories in an attempt to hide some of this data, but have it in mind that this is not enough to prevent a serious -attacker. \ No newline at end of file +attacker. -- cgit v1.2.3-24-g4f1b