diff --git a/conf.d/.default.conf b/conf.d/.default.conf index 910ba69..2059bbd 100644 --- a/conf.d/.default.conf +++ b/conf.d/.default.conf @@ -2,7 +2,7 @@ # | Default behavior for unknown hosts | # ---------------------------------------------------------------------- # -# Drop requests for unknown hosts +# Drop requests for unknown hosts. # # If no default server is defined, Nginx will use the first found server. # To prevent host header attacks, or other potential problems when an unknown diff --git a/conf.d/no-ssl.default.conf b/conf.d/no-ssl.default.conf index 9a4ba8b..f3e2be3 100644 --- a/conf.d/no-ssl.default.conf +++ b/conf.d/no-ssl.default.conf @@ -2,7 +2,7 @@ # | Default behavior for unknown hosts | # ---------------------------------------------------------------------- # -# Drop requests for unknown hosts +# Drop requests for unknown hosts. # # If no default server is defined, Nginx will use the first found server. # To prevent host header attacks, or other potential problems when an unknown diff --git a/h5bp/security/content-security-policy.conf b/h5bp/security/content-security-policy.conf index 6284d23..f77fb4c 100644 --- a/h5bp/security/content-security-policy.conf +++ b/h5bp/security/content-security-policy.conf @@ -5,7 +5,7 @@ # Mitigate the risk of cross-site scripting and other content-injection # attacks. # -# This can be done by setting a `Content Security Policy` which whitelists +# This can be done by setting a Content Security Policy which permits # trusted sources of content for your website. # # There is no policy that fits all websites, you will have to modify the diff --git a/h5bp/security/x-xss-protection.conf b/h5bp/security/x-xss-protection.conf index d3ae23e..df81f49 100644 --- a/h5bp/security/x-xss-protection.conf +++ b/h5bp/security/x-xss-protection.conf @@ -8,9 +8,9 @@ # web browsers. # # The filter is usually enabled by default, but in some cases, it may be -# disabled by the user. However, in Internet Explorer, for example, it can be -# re-enabled just by sending the `X-XSS-Protection` header with the value -# of `1`. +# disabled by the user. However, in Internet Explorer, for example, it can +# be re-enabled just by sending the `X-XSS-Protection` header with the +# value of `1`. # # (2) Prevent web browsers from rendering the web page if a potential reflected # (a.k.a non-persistent) XSS attack is detected by the filter. diff --git a/h5bp/ssl/certificate_files.conf b/h5bp/ssl/certificate_files.conf index 27a1042..332f885 100644 --- a/h5bp/ssl/certificate_files.conf +++ b/h5bp/ssl/certificate_files.conf @@ -8,7 +8,7 @@ # users of IE 8 and below on WinXP can see your main site without SSL errors. # # (1) Certificate and key files location -# The certificate file can contain intermediate certificate. +# The certificate file can contain an intermediate certificate. # # https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_certificate # @@ -17,7 +17,7 @@ # # https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_trusted_certificate # -# (3) CA certificate file location for client certificate authentication +# (3) CA certificate file location for client certificate authentication. # # https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate diff --git a/h5bp/web_performance/pre-compressed_content_brotli.conf b/h5bp/web_performance/pre-compressed_content_brotli.conf index b857f6e..fc8ad5e 100644 --- a/h5bp/web_performance/pre-compressed_content_brotli.conf +++ b/h5bp/web_performance/pre-compressed_content_brotli.conf @@ -8,7 +8,7 @@ # (!) To make this part relevant, you need to generate encoded files by your # own. Enabling this part will not auto-generate brotlied files. # -# Note that some clients (eg. browsers) require a secure connection to request +# Note that some clients (e.g. browsers) require a secure connection to request # brotli-compressed resources. # https://www.chromestatus.com/feature/5420797577396224 #