Update xmldoc to make it clear that it's a quote.

Lombiq · Dec 29, 2023 · cf26ddd · cf26ddd
1 parent 02e3149
commit cf26ddd
Showing 1 changed file with 5 additions and 5 deletions.
diff --git a/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs b/Lombiq.HelpfulLibraries.AspNetCore/Security/ApplicationBuilderExtensions.cs
@@ -56,11 +56,11 @@ public static IApplicationBuilder UseContentSecurityPolicyHeader(this IApplicati
     /// Adds a middleware that sets the <c>X-Content-Type-Options</c> header to <c>nosniff</c>.
     /// </summary>
     /// <remarks><para>
-    /// The Anti-MIME-Sniffing header X-Content-Type-Options was not set to 'nosniff'. This allows older versions of
-    /// Internet Explorer and Chrome to perform MIME-sniffing on the response body, potentially causing the response
-    /// body to be interpreted and displayed as a content type other than the declared content type. Current (younger
-    /// than early 2014) and legacy versions of Firefox will use the declared content type (if one is set), rather than
-    /// performing MIME-sniffing.
+    /// As per <a href="https://www.zaproxy.org/docs/alerts/10021/">the documentation</a>: "The Anti-MIME-Sniffing
+    /// header X-Content-Type-Options was not set to ’nosniff’. This allows older versions of Internet Explorer and
+    /// Chrome to perform MIME-sniffing on the response body, potentially causing the response body to be interpreted
+    /// and displayed as a content type other than the declared content type. Current (early 2014) and legacy versions
+    /// of Firefox will use the declared content type (if one is set), rather than performing MIME-sniffing."
     /// </para></remarks>
     public static IApplicationBuilder UseNosniffContentTypeOptionsHeader(this IApplicationBuilder app) =>
         app.Use(async (context, next) =>