W3C home > Mailing lists > Public > public-html-commits@w3.org > December 2011

html5/spec Overview.html,1.5476,1.5477

From: Ian Hickson via cvs-syncmail <cvsmail@w3.org>
Date: Fri, 16 Dec 2011 20:55:48 +0000
To: public-html-commits@w3.org
Message-Id: <E1Rbeom-0006QZ-DB@lionel-hutz.w3.org>
Update of /sources/public/html5/spec
In directory hutz:/tmp/cvs-serv24686

Modified Files:
	Overview.html 
Log Message:
Fix some typos or copypasta. (whatwg r6877)

Index: Overview.html
===================================================================
RCS file: /sources/public/html5/spec/Overview.html,v
retrieving revision 1.5476
retrieving revision 1.5477
diff -u -d -r1.5476 -r1.5477
--- Overview.html	16 Dec 2011 20:53:45 -0000	1.5476
+++ Overview.html	16 Dec 2011 20:55:42 -0000	1.5477
@@ -1802,14 +1802,16 @@
      <li>When allowing URLs to be provided (e.g. for links), the
      scheme of each URL also needs to be explicitly whitelisted, as
      there are many schemes that can be abused. The most prominent
-     example is "<code agents="" but="" can="" have="" historically="" implement="" implemented="" indeed="" others="" title="javascript:</code>" user=""> 
+     example is "<code title="javascript-protocol">javascript:</code>", but user agents
+     can implement (and indeed, have historically implemented)
+     others.</li> 
 
      <li>Allowing a <code><a href="#the-base-element">base</a></code> element to be inserted means any
      <code><a href="#the-script-element">script</a></code> elements in the page with relative links can
      be hijacked, and similarly that any form submissions can get
      redirected to a hostile site.</li>
 
-    </code></ul></dd>
+    </ul></dd>
 
 
    <dt>Cross-site request forgery (CSRF)</dt>
Received on Friday, 16 December 2011 20:57:50 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 16 December 2011 20:57:50 GMT