From d80029042b14a121bcd2037d2a8e986416dd4970 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Fri, 21 Nov 2025 22:57:50 +0100 Subject: [PATCH] fixup David Ashby's polish --- docs/KNOWN_RISKS.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docs/KNOWN_RISKS.md b/docs/KNOWN_RISKS.md index a7565b40f4..3773b94f86 100644 --- a/docs/KNOWN_RISKS.md +++ b/docs/KNOWN_RISKS.md @@ -35,9 +35,10 @@ The command line tool and its options should be used and be expected to work as documented. Relying on undocumented functions or side-effects is unreliable as they may cause problems or get changed behavior between releases. -For several command line options you can confuse either curl or the involved +For several command line options, you can confuse either curl or the involved server endpoint by using characters or byte sequences for the option that are -not expected. For example line feeds and carriage returns. +not expected. For example, adding line feeds and/or carriage returns to inputs +can produce unexpected, invalid, or insecure results. ## API misuse