diff --git a/rack-protection/lib/rack/protection/session_hihacking.rb b/rack-protection/lib/rack/protection/session_hihacking.rb
index 6bf21ceb..b3b3d2b6 100644
--- a/rack-protection/lib/rack/protection/session_hihacking.rb
+++ b/rack-protection/lib/rack/protection/session_hihacking.rb
@@ -8,7 +8,9 @@ module Rack
 # More infos:: http://en.wikipedia.org/wiki/Session_hijacking
 #
 # Tracks request properties like the user agent in the session and empties
- # the session if those properties change.
+ # the session if those properties change. This essentially prevents attacks
+ # from Firesheep. Since all headers taken into consideration might be
+ # spoofed, too, this will not prevent all hijacking attempts.
 #
 # Not Yet Implemented!
 class SessionHijacking < Base
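Review bot: The added sentence "This essentially prevents attacks from Firesheep" overstates the protection, and it sits two lines above the unchanged `# Not Yet Implemented!` marker, so a reader skimming the docs may assume a defence that, per that marker, does not exist yet. An eavesdropper on an unencrypted connection sees the tracked headers together with the session cookie, so a header check only stops replay from a client whose headers happen to differ. The comment should say so and name transport encryption as the actual mitigation, e.g. `# This only hinders naive cookie replay (e.g. Firesheep); it is no substitute for HTTPS-only sessions with Secure cookies.` The class body lies outside the hunk, so whether any tracking is implemented cannot be confirmed from here.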