Update files/en-us/web/security/attacks/xss/index.md
Co-authored-by: Hamish Willee <[email protected]>
wbamberg and hamishwillee authored Dec 13, 2024
1 parent 4557801 commit 4f095a1
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion files/en-us/web/security/attacks/xss/index.md
Expand Up @@ -202,7 +202,7 @@ However, suppose the template is like this:
<div \{{ my_input }}></div>
```

The `my_input` variable will be treated as an HTML attribute by the browser. In this case, if `my_input` is `onmouseover="alert('XSS')"`, then the output encoding that Django provides won't prevent the attack.
In this context the browser will treat the `my_input` variable as an HTML attribute. If `my_input` is `onmouseover="alert('XSS')"`, the output encoding provided by Django won't prevent the attack.

The browser uses different rules to process different parts of a web page — HTML elements and their content, HTML attributes, inline styles, inline scripts. The type of encoding that needs to be done is different depending on the context in which the input is being interpolated.
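Review bot: In the added sentence, "the browser will treat the `my_input` variable as an HTML attribute" is imprecise, because the browser never sees the template variable, only the value rendered into the tag. Suggest "the browser will treat the value of `my_input` as an HTML attribute". The second sentence also says the output encoding "won't prevent the attack" without saying why. Since the example value contains both single and double quotes, it would help to state which characters the encoding changes and why the result is still unsafe in attribute position, so the sentence leads into the following paragraph on context-dependent encoding.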
