From b0c82a8b2d7731f79f5401879684310792eec9cd Mon Sep 17 00:00:00 2001
From: Nick Sweeting <github@sweeting.me>
Date: Wed, 8 May 2024 20:38:18 -0700
Subject: [PATCH] Updated Setting up Authentication (markdown)

---
 Setting-up-Authentication.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Setting-up-Authentication.md b/Setting-up-Authentication.md
index e567afe..6ab7ad8 100644
--- a/Setting-up-Authentication.md
+++ b/Setting-up-Authentication.md
@@ -203,7 +203,7 @@ curl -X 'GET' \
 
 > [!CAUTION]
 > We recommend sticking to header-based authentication and not using this method unless you deeply understand the CSRF/CORS security risks.
-> This method is mostly useful when accessing the API from external apps where CSRF/CORS is not a concern (e.g. `wget`, `curl`, Postman, etc.).
+> This method is mostly useful when accessing the API from external apps where CSRF/CORS is not a concern (e.g. `curl`, Postman, mobile apps, etc.).
 
 > Browsers enforce that requests made to the ArchiveBox API from *other domains* will not include any session cookies by default. This is is an [important security principle](https://docs.djangoproject.com/en/5.0/ref/csrf/) that protects you from API requests being initiated from JS served to users on websites you don't control (aka CSRF/CORS attacks).
 >