Update 09.2.md
typographical errors and improved readability
Jimmy99 authored and jameswpm committed Sep 27, 2016
1 parent 8a301ee commit eb1ed1e
10 changes: 5 additions & 5 deletions en/09.2.md
Expand Up @@ -4,9 +4,9 @@ Filtering user data is one way we can improve the security of our web apps, usin

Our introduction to filtering data is divided into three steps:

1. identifying the data; we need to filter the data to figure out where it originated form
1. identifying the data; we need to filter the data to figure out where it originated from
2. filtering of the data itself; we need to figure out what kind of data we have received
3. distinguish between filtered (sanitized) and tainted data; after the data has been filtered, we can be assured that it is is secure
3. distinguish between filtered (sanitized) and tainted data; after the data has been filtered, we can be assured that it is secure

## Identifying data

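Review bot: the first list item still reads backwards after the "form"/"from" fix: `identifying the data; we need to filter the data to figure out where it originated from` says that filtering tells us the origin, whereas the rest of the section treats knowing the origin (`r.Form`, headers and so on) as the prerequisite for filtering. Suggest `identifying the data; we need to know where it originated from before we can filter it`. In the third item, `we can be assured that it is secure` also overstates what validation gives you; `we can treat it as trusted for the checks it has passed` would be more accurate.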
Expand All @@ -16,13 +16,13 @@ Data that has been entered by a user is very easy to recognize in Go. We use `r.

## Filtering data

If we know the source of the data, we can filter it. Filtering is a bit of a formal use of the term. The process is known by many other terms such as input cleaning, validation and sanitization. Despite the fact that these terms somewhat differ in their meaning, they all refer to the same thing: the process of preventing illegal data from making its way into your applications.
If we know the source of the data, we can filter it. Filtering is a bit of a formal use of the term. The process is known by many other terms such as input cleaning, validation and sanitization. Despite the fact that these terms differ somewhat in their meaning, they all refer to the same thing: the process of preventing illegal data from making its way into your applications.

There are many ways to filter data, some of which are less secure than others. The best method is to check whether or not the data itself meets the legal requirements dictated by your application. When attempting to do so, it's very important not to make any attempts at correcting the illegal data; this could allow malicious users to manipulate your validation rules for their own needs, altogether defeating the purpose of filtering the data in the first place. History has proven that attempting to correct invalid data often leads to security vulnerabilities. Let's take a look at an overly simple example for illustration purposes. Suppose that a banking system asks users to supply a secure, 6 digit password. The system validates the length of all passwords. One might naively write a validation rule that corrects passwords of illegal lengths: "If a password is shorter than the legal length, fill in the remaining digits with 0s". This simple rule would allow attackers to guess just the first few digits of a password to successfully gain access to user accounts!

We can use several libraries to help us to filter data:

- The strconv package can help us to convert user inputed strings into specific types, since `r.Form`s are maps of string values. Some common string conversions provided by strconv are `Atoi`, `ParseBool`, ` ParseFloat ` and `ParseInt`.
- The strconv package can help us to convert strings input by users into specific types, since `r.Form`s are maps of string values. Some common string conversions provided by strconv are `Atoi`, `ParseBool`, ` ParseFloat ` and `ParseInt`.
- Go's `strings` package contains some filter functions like `Trim`, `ToLower` and `ToTitle`, which can help us to obtain data in a specific formats, according to our needs.
- Go's `regexp` package can be used to handle cases which are more complex in nature, such as determining whether an input is an email address, a birthday, etc.

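Review bot: ` ParseFloat ` on the changed strconv line keeps the stray spaces inside the backticks, so it renders padded unlike `Atoi`, `ParseBool` and `ParseInt`; drop them while the line is being touched. The same bullet should also say that every strconv call returns an error that must be checked, since a parse failure that is silently ignored yields the zero value and quietly defeats the filtering this section describes. The next bullet, in the unchanged context, has `data in a specific formats`; should be `in a specific format`.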
Expand Down Expand Up @@ -69,7 +69,7 @@ The above method for filtering data against a set of known, legitimate values is

## Summary

Data filtering plays a vital role in the security of modern web applications. Most security vulnerabilities are the result of improperly filtering data or neglecting to properly validate it. Because the previous section dealt with CSRF attacks and the next two will be introducing XSS attacks and SQL injection, there was no natural segue into dealing with as important a topic as data sanitization, so in this section, we paid special attention to it.
Data filtering plays a vital role in the security of modern web applications. Most security vulnerabilities are the result of improperly filtering data or neglecting to properly validate it. Because the previous section dealt with CSRF attacks and the next two will be introducing XSS attacks and SQL injection, there was no natural segue into dealing with a topic as important as data sanitization, so in this section, we paid special attention to it.

## Links

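Review bot: the reworded sentence is still one clause of about fifty words; consider splitting after `SQL injection` so the reason for the section's placement stands on its own, e.g. `... and SQL injection, there was no natural segue into data sanitization. This section therefore gives it separate attention.` On the same line, `Most security vulnerabilities are the result of improperly filtering data` is an unsupported claim as phrased; `Many` would be the safer word.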