web commit by joey

[ikiwiki.git] / doc / security.mdwn

diff --git a/doc/security.mdwn b/doc/security.mdwn
index fa4480e1953eda4585d8580660b6218558c24691..f02576dc462a1949534c1879506f0ffe366a4f79 100644 (file)
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -10,7 +10,7 @@ to be kept in mind.
 
 # Probable holes
 
-_(THe list of things to fix.)_
+_(The list of things to fix.)_
 
 ## svn commit logs
 
@@ -62,7 +62,7 @@ this wiki, BTW.
 
 ## page locking can be bypassed via direct svn commits
 
-A [[lock]]ed page can only be edited on the web by an admin, but
+A locked page can only be edited on the web by an admin, but
 anyone who is allowed to commit direct to svn can bypass this. This is by
 design, although a subversion pre-commit hook could be used to prevent
 editing of locked pages when using subversion, if you really need to.
@@ -146,7 +146,7 @@ closed though.
 
 # Fixed holes
 
-_(Unless otherwise noted, these were discovered and immediatey fixed by the
+_(Unless otherwise noted, these were discovered and immediately fixed by the
 ikiwiki developers.)_
 
 ## destination directory file replacement
@@ -215,4 +215,5 @@ pages from source with some other extension.
 
 ## XSS attacks in page content
 
-ikiwiki supports [[HtmlSanitization]], though it can be turned off.
+ikiwiki supports protecting users from their own broken browsers via the
+[[plugins/htmlscrubber]] plugin, which is enabled by default.