From fd55679c72db047dbe345ea02600d447471b6fb4 Mon Sep 17 00:00:00 2001
From: Qiang Xue <qiang.xue@gmail.com>
Date: Mon, 20 Oct 2014 11:54:34 -0400
Subject: [PATCH] Fixes #5266

---
 docs/guide/runtime-sessions-cookies.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/docs/guide/runtime-sessions-cookies.md b/docs/guide/runtime-sessions-cookies.md
index d5fa4bb..b1b1cbb 100644
--- a/docs/guide/runtime-sessions-cookies.md
+++ b/docs/guide/runtime-sessions-cookies.md
@@ -304,8 +304,9 @@ on the client side. This is achieved by signing each cookie with a hash string, 
 tell if a cookie is modified on the client side or not. If so, the cookie will NOT be accessible through the
 [[yii\web\Request::cookies|cookie collection]] of the `request` component.
 
-> Info: If a cookie fails the validation, you may still access it through `$_COOKIE`. This is because third-party
-libraries may manipulate cookies in their own way, which does not involve cookie validation.
+> Note: Cookie validation only protects cookie values from being modified. If a cookie fails the validation, 
+you may still access it through `$_COOKIE`. This is because third-party libraries may manipulate cookies 
+in their own way, which does not involve cookie validation.
 
 Cookie validation is enabled by default. You can disable it by setting the [[yii\web\Request::enableCookieValidation]]
 property to be false, although we strongly recommend you do not do so.
--
libgit2 0.27.1