Browse code
Fix security documentation, XSS -> CSRF
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
(cherry picked from commit ea8f9c972393e0929e643190573412410bf39c6a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Thomas Grainger authored on 2016/04/15 19:27:09Showing 1 changed files
| ... | ... |
@@ -106,7 +106,7 @@ arbitrary containers. |
| 106 | 106 |
For this reason, the REST API endpoint (used by the Docker CLI to |
| 107 | 107 |
communicate with the Docker daemon) changed in Docker 0.5.2, and now |
| 108 | 108 |
uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the |
| 109 |
-latter being prone to cross-site-scripting attacks if you happen to run |
|
| 109 |
+latter being prone to cross-site request forgery attacks if you happen to run |
|
| 110 | 110 |
Docker directly on your local machine, outside of a VM). You can then |
| 111 | 111 |
use traditional UNIX permission checks to limit access to the control |
| 112 | 112 |
socket. |