Improve wording and file headers

2019-05-15 18:26:04 +02:00 · 2019-05-15 18:26:04 +02:00 · 0a6c880be0
parent 282d979af4
commit 0a6c880be0
5 changed files with 9 additions and 6 deletions
--- a/h5bp/security/x-content-type-options.conf
+++ b/h5bp/security/x-content-type-options.conf
@ -1,5 +1,5 @@
 # ----------------------------------------------------------------------
-# | Reducing MIME type security risks                                  |
+# | Content Type Options                                               |
 # ----------------------------------------------------------------------

 # Prevent some browsers from MIME-sniffing the response.
--- a/h5bp/security/x-frame-options.conf
+++ b/h5bp/security/x-frame-options.conf
@ -1,5 +1,5 @@
 # ----------------------------------------------------------------------
-# | Clickjacking                                                       |
+# | Frame Options                                                      |
 # ----------------------------------------------------------------------

 # Protect website against clickjacking.
--- a/h5bp/security/x-xss-protection.conf
+++ b/h5bp/security/x-xss-protection.conf
@ -1,7 +1,9 @@
 # ----------------------------------------------------------------------
-# | Reflected Cross-Site Scripting (XSS) attacks                       |
+# | Cross-Site Scripting (XSS) Protection                              |
 # ----------------------------------------------------------------------

+# Protect website reflected Cross-Site Scripting (XSS) attacks.
+#
 # (1) Try to re-enable the cross-site scripting (XSS) filter built
 #     into most web browsers.
 #
--- a/h5bp/ssl/policy_intermediate.conf
+++ b/h5bp/ssl/policy_intermediate.conf
@ -5,9 +5,9 @@
 # For services that don't need backward compatibility, the parameters
 # below provide a higher level of security.
 #
-# (!) This policy enfore a strong SSL configuration, which may raise
+# (!) This policy enforces a strong SSL configuration, which may raise
 #     errors with old clients.
-#     If a more compatible profile is required, use intermediate policy.
+#     If a more compatible profile is required, use the intermediate policy.
 #
 # (1) The NIST curves (prime256v1, secp384r1, secp521r1) are known
 #     to be weak and potentially vulnerable but are required to support
--- a/h5bp/ssl/policy_modern.conf
+++ b/h5bp/ssl/policy_modern.conf
@ -3,7 +3,8 @@
 # ----------------------------------------------------------------------

 # For services that want to be on the bleeding edge, the parameters
-# below sacrifice compatibility for the highest level of security & performance
+# below sacrifice compatibility for the highest level of security
+# and performance.
 #
 # (!) TLSv1.3 and it's 0-RTT feature require NGINX >=1.15.4 and OpenSSL >=1.1.1
 #     to be installed.