diff --git a/draft-ietf-httpbis-rfc6265bis.md b/draft-ietf-httpbis-rfc6265bis.md index 4ad9233cb..2071f9c6e 100644 --- a/draft-ietf-httpbis-rfc6265bis.md +++ b/draft-ietf-httpbis-rfc6265bis.md @@ -1516,9 +1516,8 @@ against CSRF as a general category of attack: 2. Features like `` {{prerendering}} can be exploited to create "same-site" requests without the risk of user detection. -When possible, developers should use a session management mechanism such as -that described in {{top-level-navigations}} to mitigate the risk of CSRF more -completely. +Developers can more completely mitigate CSRF through a session management +mechanism such as that described in {{top-level-navigations}}. #### "Lax-Allowing-Unsafe" enforcement {#lax-allowing-unsafe}
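Review bot: The two added lines replace a recommendation ("developers should use a session management mechanism") with a statement of possibility ("Developers can more completely mitigate CSRF"), so the paragraph that follows the two listed limitations no longer tells the reader to do anything about them. If the goal is only to drop "When possible" and the lowercase "should", consider wording that keeps the advice, for example "Developers are encouraged to mitigate CSRF more completely through a session management mechanism such as that described in {{top-level-navigations}}." The phrase "more completely" also has no stated comparand in either version; naming what it is measured against (the protection whose limits are listed in items 1 and 2 just above) would make the sentence stand on its own. It would help if the commit message stated whether the softening is intentional.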