Apparently that didn't need to be encoded.

Stripping < and >

1 files changed, 6 insertions, 6 deletions

diff --git a/plugins/session/README.md b/plugins/session/README.md
index 4cd4273..3412f7d 100644
--- a/plugins/session/README.md
+++ b/plugins/session/README.md
@@ -29,8 +29,8 @@ Installation
 This plugin uses a database table, described in the packaged install.sql file.
 Install it with this command:
 
-    cat ./install.sql | replace '{TAB}' '<tablename>' | \
-    mysql -h <host> -D <db> -u <user> -p<password>
+    cat ./install.sql | replace '{TAB}' '<tablename>' | \
+    mysql -h <host> -D <db> -u <user> -p<password>
 
 Next, you need to configure the database connection both in the main configuration
 file and in the local `./config.php` of this plugin.
@@ -49,11 +49,11 @@ value.
 If the client making the POST request has a valid session for the site you're
 authenticating with, then you will receive a JSON-encoded response as follows:
 
-    `{"user":"&lt;user&gt;","secret":"&lt;secret&gt;","time":"&lt;time&gt;"}
+    `{"user":"<user>","secret":"<secret>","time":"<time>"}
 
-From the point in `&lt;time&gt;` to however long you configured the timeout
-(60 seconds are recommended), `&lt;secret&gt;` will be accepted as a password
-by ejabberd for `&lt;user&gt;` on any domains you set up to use the session
+From the point in `<time>` to however long you configured the timeout
+(60 seconds are recommended), `<secret>` will be accepted as a password
+by ejabberd for `<user>` on any domains you set up to use the session
 plugin.
 
 Security Considerations