docs: use correct headings in tutorial/security.md (#45397)

2026-01-09 15:38:08 -05:00 · 2025-02-06 11:16:24 +01:00
parent c0282eb9c8
commit 6adc737a89
1 changed files with 2 additions and 2 deletions
--- a/docs/tutorial/security.md
+++ b/docs/tutorial/security.md
@@ -810,7 +810,7 @@ potential error cases, and refer to
 You should not directly expose Electron's APIs, especially IPC, to untrusted web content in your
 preload scripts.

-### Why?
+#### Why?

 Exposing raw APIs like `ipcRenderer.on` is dangerous because it gives renderer processes direct
 access to the entire IPC event system, allowing them to listen for any IPC events, not just the ones
@@ -823,7 +823,7 @@ events, passing the callback directly means the renderer gets access to this eve

 In short, we want the untrusted web content to only have access to necessary information and APIs.

-### How?
+#### How?

 ```js title='preload'.js'
 // Bad