From dfe94522afde01965f2f6482e05957283571a48d Mon Sep 17 00:00:00 2001
From: Oleg Baturin <baturin@gmail.com>
Date: Mon, 28 Oct 2024 13:46:41 +0700
Subject: [PATCH] update readme

---
 README.md | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/README.md b/README.md
index b55b688..d653b8f 100644
--- a/README.md
+++ b/README.md
@@ -248,7 +248,7 @@ use Yiisoft\Http\Method;
 $csrfHeaderMiddleware = $container->get(CsrfHeaderMiddleware::class);
 
 // Returns a new instance with the specified list of unsafe methods.
-$csrfHeaderMiddleware = $csrfHeaderMiddleware->withUnsafeMethods([Method::POST, Method::DELETE]);
+$csrfHeaderMiddleware = $csrfHeaderMiddleware->withUnsafeMethods([Method::POST]);
 
 // Returns a new instance with the specified header name.
 $csrfHeaderMiddleware = $csrfHeaderMiddleware->withHeaderName('X-CSRF-PROTECTION');
@@ -290,7 +290,7 @@ In this scenario
 
 #### Configure middlewares stack
 
-Add `CsrfHeaderMiddleware` to the main middleware stack
+Add `CsrfHeaderMiddleware` to the main middleware stack:
 
 ```php
 $middlewareDispatcher = $injector->make(MiddlewareDispatcher::class);
@@ -301,7 +301,7 @@ $middlewareDispatcher = $middlewareDispatcher->withMiddlewares([
 ]);
 ```
 
-or to the routes that must be protected.
+or to the routes that must be protected:
 
 ```php
 $collector = $container->get(RouteCollectorInterface::class);
@@ -344,7 +344,7 @@ Access-Control-Allow-Origin: https://example.com
 
 #### Configure middlewares stack
 
-Add `CsrfHeaderMiddleware` to the main middleware stack
+Add `CsrfHeaderMiddleware` to the main middleware stack:
 
 ```php
 $middlewareDispatcher = $injector->make(MiddlewareDispatcher::class);
@@ -355,7 +355,7 @@ $middlewareDispatcher = $middlewareDispatcher->withMiddlewares([
 ]);
 ```
 
-or to the routes that must be protected.
+or to the routes that must be protected:
 
 ```php
 $collector = $container->get(RouteCollectorInterface::class);
@@ -402,14 +402,14 @@ Access-Control-Allow-Origin: $frontendOrigin
 By default, `CsrfMiddleware` considers `GET`, `HEAD`, `OPTIONS` methods as safe operations and doesn't perform CSRF validation.
 In JavaScript-based apps, requests are made programmatically; therefore, to increase application protection, the only `OPTIONS` method can be considered safe and need not be appended with a CSRF token header.
 
-Configure `CsrfMiddleware` safe methods.
+Configure `CsrfMiddleware` safe methods:
 
 ```php
 $csrfMiddleware = $container->get(CsrfMiddleware::class);
 $csrfMiddleware = $csrfMiddleware->withSafeMethods([Method::OPTIONS]);
 ```
 
-Add `CsrfMiddleware` to the main middleware stack
+Add `CsrfMiddleware` to the main middleware stack:
 
 ```php
 $middlewareDispatcher = $injector->make(MiddlewareDispatcher::class);
@@ -421,7 +421,7 @@ $middlewareDispatcher = $middlewareDispatcher->withMiddlewares([
 ]);
 ```
 
-or to the routes that must be protected.
+or to the routes that must be protected:
 
 ```php
 $collector = $container->get(RouteCollectorInterface::class);