From 255e64821c14004086ebc45cae962df3c99b4a77 Mon Sep 17 00:00:00 2001 From: Ben Webb Date: Fri, 15 Nov 2013 16:22:51 +0000 Subject: [PATCH] Update XML-Injection.rst I think this is what the text meant to be. Although, "XMl Entity Expansion is somewhat similar to XML Entity Expansion" does seem like it could be a recursion joke. --- book/lang/en/source/_includes/XML-Injection.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/book/lang/en/source/_includes/XML-Injection.rst b/book/lang/en/source/_includes/XML-Injection.rst index 8f621c7..b795bab 100644 --- a/book/lang/en/source/_includes/XML-Injection.rst +++ b/book/lang/en/source/_includes/XML-Injection.rst 
@@ -167,7 +167,7 @@ It is also worth considering that it's preferable to simply discard data that we XML Entity Expansion -------------------- -XMl Entity Expansion is somewhat similar to XML Entity Expansion but it focuses primarily on enabling a Denial Of Service (DOS) attack by attempting to exhaust the resources of the target application's server environment. This is achieved in XML Entity Expansion by creating a custom entity definition in the XML's ``DOCTYPE`` which could, for example, generate a far larger XML structure in memory than the XML's original size would suggest thus allowing these attacks to consume memory resources essential to keeping the web server operating efficiently. This attack also applies to the XML-serialisation of HTML5 which is not currently recognised as HTML by the ``libxml2`` extension. +XML Entity Expansion is somewhat similar to XML Entity Injection but it focuses primarily on enabling a Denial Of Service (DOS) attack by attempting to exhaust the resources of the target application's server environment. This is achieved in XML Entity Expansion by creating a custom entity definition in the XML's ``DOCTYPE`` which could, for example, generate a far larger XML structure in memory than the XML's original size would suggest thus allowing these attacks to consume memory resources essential to keeping the web server operating efficiently. This attack also applies to the XML-serialisation of HTML5 which is not currently recognised as HTML by the ``libxml2`` extension. Examples of XML Entity Expansion ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ @@ -274,4 +274,4 @@ Where you are intent on using ``SimpleXML``, bear in mind that you can import a SOAP Injection -------------- -TBD \ No newline at end of file +TBD
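Review bot: The replacement line in the first hunk fixes the self-referential comparison ("XMl Entity Expansion ... similar to XML Entity Expansion" now reads "XML Entity Expansion is somewhat similar to XML Entity Injection"), but since the line is already being touched, "Denial Of Service (DOS)" should become the conventional "Denial of Service (DoS)" in the same edit, and the long second sentence would read better split after "original size would suggest", e.g. "... than the XML's original size would suggest. This allows these attacks to consume memory resources ...".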
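Review bot: The second hunk only adds the missing trailing newline after "TBD" in the SOAP Injection section, which is unrelated to the wording fix described in the commit message; either mention it in the message ("also add missing newline at end of file") or drop it from this patch so the commit stays single-purpose.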