[#13171] Some small rewordings

wouterj · wouterj · commit b64dd0278804 · 2020-04-11T21:47:32.000+02:00
diff --git a/http_cache.rst b/http_cache.rst
@@ -1,8 +1,6 @@
 .. index::
    single: Cache
 
-.. _http-cache:
-
 HTTP Cache
 ==========
 
diff --git a/security.rst b/security.rst
@@ -293,11 +293,10 @@ accidentally block Symfony's dev tools - which live under URLs like ``/_profiler
 and ``/_wdt``.
 
 All *real* URLs are handled by the ``main`` firewall (no ``pattern`` key means
-it matches *all* URLs).
-A firewall can have many modes of authentication, in other words many ways to
-ask the question "Who are you?".
-It is convenient to first let users answer "I'm no one in particular, just a
-visitor as any other", this mode is ``anonymous``.
+it matches *all* URLs). A firewall can have many modes of authentication,
+in other words many ways to ask the question "Who are you?". Often, the
+user is unknown (i.e. not logged in) when they first visit your website. The
+``anonymous`` mode, if enabled, is used for these requests.
 
 In fact, if you go to the homepage right now, you *will* have access and you'll
 see that you're "authenticated" as ``anon.``. The firewall verified that it
@@ -306,21 +305,21 @@ does not know your identity, and so, you are anonymous:
 .. image:: /_images/security/anonymous_wdt.png
    :align: center
 
-It means any request can have an anonymous token to access some resource, while
-some actions (i.e. some pages or buttons) can still require some privileges.
-A request can then access a form login without being authenticated as a unique
-user (otherwise an infinite redirection loop would happen asking the user to
-authenticate while trying to doing so).
+It means any request can have an anonymous token to access some resource,
+while some actions (i.e. some pages or buttons) can still require specific
+privileges. A user can then access a form login without being authenticated
+as a unique user (otherwise an infinite redirection loop would happen
+asking the user to authenticate while trying to doing so).
 
 You'll learn later how to deny access to certain URLs, controllers, or part of
 templates.
 
-.. note::
+.. tip::
 
-    The ``lazy`` anonymous mode prevent the session from being started if there
-    is no need for authorization (i.e. explicit check for a user privilege).
-    This is important to keep requests cacheable (see
-    :ref:`HTTP cache <http-cache>`).
+    The ``lazy`` anonymous mode prevents the session from being started if
+    there is no need for authorization (i.e. explicit check for a user
+    privilege). This is important to keep requests cacheable (see
+    :doc:`/http_cache`).
 
 .. note::
 
