Commits

daveschaefer committed b72a686

Docs: Add link to new security page from FAQ ssl question

Comments (0)

Files changed (1)

sphinx/source/appendix/faq.rst

 :A: See `Malicious HTML Tags Embedded in Client Web Requests <http://www.cert.org/advisories/CA-2000-02.html>`_
     and `Understanding Malicious Content Mitigation for Web Developers <http://www.cert.org/tech_tips/malicious_code_mitigation.html>`_
     at `CERT <http://www.cert.org/>`_ for an overview of Cross-Site Scripting
-    (XSS) issues. It is ultimately up to the developer to remove potential XSS
-    vulnerabilities from their apps and sites.
+    (XSS) issues.
+
+    While it is ultimately up to the developer to remove potential XSS
+    vulnerabilities from their apps and sites, there are several Cherrypy
+    settings that can help. They are discussed in the
+    :doc:`programmer's guide </progguide/security>`.
 
 :Q: Why does CherryPy take CPU/RAM even though it's not yet receiving requests?