From 5b0e720f7044209c277c74a3c4d3692eaa74b9ca Mon Sep 17 00:00:00 2001 From: Alex <53379240+AlexandraC0@users.noreply.github.com> Date: Tue, 12 Sep 2023 11:21:42 +0200 Subject: [PATCH] Update README.md --- packages/lessons/cors/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/lessons/cors/README.md b/packages/lessons/cors/README.md index 95811c8..a5e283b 100644 --- a/packages/lessons/cors/README.md +++ b/packages/lessons/cors/README.md @@ -7,7 +7,7 @@ owasp: 'API7:2023' authors: ['escape'] --- -Modern browsers all feature new security mechanisms offering developers ways to protect their users from online threats. A common threat is cross-site request forgery (CSRF), which is an attack that tricks a user into performing an action they didn't intend to do. In this lesson, you'll learn how to setup the `Access-Control-Allow-Origin` header to protect your users from CSRF attacks. +Modern browsers all feature new security mechanisms offering developers ways to protect their users from online threats. A common threat is [cross-site request forgery (CSRF)](https://escape.tech/blog/understanding-and-dealing-with-cross-site-request-forgery-attacks/), which is an attack that tricks a user into performing an action they didn't intend to do. In this lesson, you'll learn how to setup the `Access-Control-Allow-Origin` header to protect your users from CSRF attacks. ## Cross-site request forgery
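Review bot: the changed intro line still ends with "setup the `Access-Control-Allow-Origin` header to protect your users from CSRF attacks", and linking the CSRF article right next to it gives that claim more weight than it can carry. `Access-Control-Allow-Origin` only decides whether a script on another origin may read the response. It does not stop the browser from sending a cross-site form POST or GET with the user's cookies attached, which is what a CSRF attack relies on. Suggest rewording the last sentence so the lesson teaches how to configure the header safely (CORS relaxes the same-origin policy), and pointing readers to anti-CSRF tokens or `SameSite` cookies for CSRF itself. Two smaller points on the same line and the header: "setup" is used as a verb and should be "set up", and the subject "Update README.md" does not say what changed; something like "cors lesson: link CSRF article in intro" would be easier to find in the log.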