Update src/routes/solid-start/guides/security.mdx

Author: LadyBluenotes

src/routes/solid-start/guides/security.mdx

@@ -26,7 +26,8 @@ To configure the `Content-Security-Policy` HTTP header, a [middleware](/solid-st
 
 If you want to use a [strict CSP](https://developer.mozilla.org/en-US/docs/Web/HTTP/CSP#strict_csp) with nonces:
 
-1. Create a middleware that configures the CSP header, then register it to run on the [`onRequest`](/solid-start/advanced/middleware#onrequest) event.
+1. Create a middleware that configures the CSP header.
+It must then be registered using the [`onRequest`](/solid-start/advanced/middleware#onrequest) event.
 2. Create a nonce using a cryptographic random value generator, such as the [`randomBytes`](https://nodejs.org/api/crypto.html#cryptorandombytessize-callback) function from the `crypto` module.
 3. Store the nonce in the [`locals`](/solid-start/advanced/middleware#locals) object.
 4. Configure SolidStart to use the nonce in your [`entry-server.tsx`](/solid-start/reference/entrypoints/entry-server) file.