From 028f65d49365511206ffa21a64590ca0a0d3586d Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Thu, 7 Nov 2024 23:43:58 +0100 Subject: [PATCH] CVE-2024-9681.md: avoid the use of the word "will" --- docs/CVE-2024-9681.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/CVE-2024-9681.md b/docs/CVE-2024-9681.md index c47d71aecc..6849f3c2fb 100644 --- a/docs/CVE-2024-9681.md +++ b/docs/CVE-2024-9681.md @@ -42,7 +42,7 @@ was otherwise intended to *possibly* be protected. But: `example.com` as per above is deliberately setup for HSTS, and servers should -probably expect that clients will try upgrading to HTTPS for a while outside +probably expect that clients migth try upgrading to HTTPS for a while outside of the time range set in its headers. The access that fails in this scenario tries to use plain HTTP to the domain.