chore: Fix typos

Author: Adam Harvey

2020-02-07-transactional-mfa.md

@@ -229,7 +229,7 @@ In the `app/index.html` which is auto-generated as a boilerplate during the crea
 
 **NOTE**: You'll need to replace the `baseUrl`, `clientId`, and `issuer` above with the values from your own Okta org.
 
-What's going on here is that the first time through, there will be a `stateToken` and the step-up MFA will be triggered. Once you've satisfied the factor requirement (such as acknowledging the push notification in Okta Verify), you're redirected back to this same page by virtue of the `redirectUri` defined above. The redirect includes the authorization code set by okta. The redirect is detected and the authorization code flow + pkce is completed by the widget:
+What's going on here is that the first time through, there will be a `stateToken` and the step-up MFA will be triggered. Once you've satisfied the factor requirement (such as acknowledging the push notification in Okta Verify), you're redirected back to this same page by virtue of the `redirectUri` defined above. The redirect includes the authorization code set by Okta. The redirect is detected and the authorization code flow + pkce is completed by the widget:
 
 ```javascript
 if (window.location.href.indexOf('#')) {

2025-02-26-okta-hosted-sign-in-widget.md

@@ -812,7 +812,7 @@ The remaining task is to customize the default Content Security Policy (CSP) to
 - ✅ Ensure the libraries you use for DOM manipulation are safe from XSS and appropriately sanitize inputs (if this applies to you). We have several blog posts on this topic if you search for [XSS](https://developer.okta.com/search/#q=xss&f:@commonoktasource=[Developer%20blog]) in our content collection. 
 - ✅ And lastly, it never hurts to get a security review when dealing with code affecting authentication.
 
-CSP is located under the **Settings** tab on the **Sign-in page** section, **Customizations** > **Brands** > **[your custom brand]** > **Pages** > **Sign-in page** > **Settings**. Un the **Content Security Policy** section, click on the **edit** button and add the following **Trusted external resources**:
+CSP is located under the **Settings** tab on the **Sign-in page** section, **Customizations** > **Brands** > **[your custom brand]** > **Pages** > **Sign-in page** > **Settings**. In the **Content Security Policy** section, click on the **edit** button and add the following **Trusted external resources**:
 - https://code.jquery.com
 - https://cdnjs.cloudflare.com
 - https://fonts.googleapis.com

README.md

@@ -127,7 +127,7 @@ What this command does is:
 - `-v $PWD:/app` - This mounts the current directory (the okta-blog source code repo) as `/app` in the Docker container's filesystem. This way, if you change articles or mess with the blog locally, your changes will be picked up by the blog software.
 - `-it` - These CLI options just map the Docker container to your current terminal so that when you CTRL+c to exit the blog the Docker container will be killed.
 - `okta-blog` - This is telling Docker to run the `okta-blog` image you created earlier using that `docker build` command. The `-t` option you specified earlier when running `docker build` assigned a name tag to the image so you could easily reference it.
-- `npm start` - This is the actual command you're telling Docker to run to launch the blog sofware. Docker will start the container up and then run this command inside the container to launch the Jekyll blog.
+- `npm start` - This is the actual command you're telling Docker to run to launch the blog software. Docker will start the container up and then run this command inside the container to launch the Jekyll blog.
 
 After that, all you have to do is open your browser and visit `http://localhost:4000` to visit the site!
 
@@ -206,7 +206,7 @@ To add a table of contents, use the following:
 {% include toc.md %}
 ```
 
-For AciiDoc, add the following just after the front matter:
+For AsciiDoc, add the following just after the front matter:
 
 ```
 :page-liquid: