Apply suggestions from code review

Co-authored-by: hyperlint-ai[bot] <154288675+hyperlint-ai[bot]@users.noreply.github.com>

Author: securitypedant

src/content/docs/reference-architecture/design-guides/leveraging-cloudflare-for-your-saas-applications.mdx

@@ -21,7 +21,7 @@ Also a customer of your application might wish to have their main website domain
 
 Many SaaS applications have caching and security solutions, such as Cloudflare, in front of their applications and as such need to onboard these hostnames. This is often done using a "Zone" model, where inside Cloudflare, or another vendor such as AWS Cloudfront, a "Zone" is created for app.customer.com. So as each new customer is onboarded, a new "Zone" is created and again, this might be manageable in the tens and hundreds of customers. But when you get to thousands and millions, management of all these zones and their configurations is hard.
 
-Cloudflare for Platforms extends far beyond this traditional model of most edge providers, by managing traffic across many hostnames and domains in one “Zone”. You can now manage `www.customer1.com` and `www.customer2.net`, and millions more hostnames, through the same configuration; while also customizing features as needed. This reference architecture explores the challenges SaaS application providers face, and details the Workers for Platforms solution.
+Cloudflare for Platforms extends far beyond this traditional model of most edge providers, by managing traffic across many hostnames and domains in one "Zone". You can now manage `www.customer1.com` and `www.customer2.net`, and millions more hostnames, through the same configuration; while also customizing features as needed. This reference architecture explores the challenges SaaS application providers face, and details the Workers for Platforms solution.
 
 This document provides a reference and guidance for using Cloudflare for Platforms. The document is split into three main sections.
 
@@ -55,7 +55,7 @@ Software as a Service (SaaS) has been a key innovation of the cloud computing er
 
 For many SaaS applications, it's important to provide a service under the client's own domain. Their domain is important for branding, security, and organization; and many clients have heavily invested in the right `.com` to represent their business. Many clients with domains linked to their brand will push back against deploying their applications on the provider's domain.
 
-This is especially true for customer facing applications like an e-commerce solution. You would want to expose this as `shop.example.com`, not `example.shop.com`. To secure traffic to the SaaS application, the provider (“shop”) needs a certificate for their customer, `example.com`.
+This is especially true for customer facing applications like an e-commerce solution. You would want to expose this as `shop.example.com`, not `example.shop.com`. To secure traffic to the SaaS application, the provider ("shop") needs a certificate for their customer, `example.com`.
 
 ![Figure 1: eCommerce flow through a SaaS platform.](~/assets/images/reference-architecture/leveraging-cloudflare-for-your-saas-applications/figure1.svg "Figure 1: eCommerce flow through a SaaS platform.")
 
@@ -73,7 +73,7 @@ Cloudflare for SaaS provides a unique solution to these common challenges for Sa
 
 ### Secure and powerful validation modes
 
-Cloudflare has a unique ability to manage the Domain Control Validation (DCV) process in a SaaS scenario. In a traditional model, certificate issuers ask domain owners to place a [particular “token”, either a DNS TXT record or a small text file](/ssl/edge-certificates/changing-dcv-method/dcv-flow/#dcv-tokens), at their origin in order to validate that they are authorized for that domain. This has to be done repeatedly at certificate renewal, which has become more common with recent security improvements.
+Cloudflare has a unique ability to manage the Domain Control Validation (DCV) process in a SaaS scenario. In a traditional model, certificate issuers ask domain owners to place a [particular "token", either a DNS TXT record or a small text file](/ssl/edge-certificates/changing-dcv-method/dcv-flow/#dcv-tokens), at their origin in order to validate that they are authorized for that domain. This has to be done repeatedly at certificate renewal, which has become more common with recent security improvements.
 
 ![Figure 3: The DCV process.](~/assets/images/reference-architecture/leveraging-cloudflare-for-your-saas-applications/figure3.svg "Figure 3: The DCV process.")
 
@@ -95,7 +95,7 @@ If you need even more flexibility than our rules provide, to give individual beh
 
 If you need more customization than even metadata can provide, or are running a service where your customers write or generate their own application code, [Workers for Platforms](/cloudflare-for-platforms/workers-for-platforms/) lets you deploy a complete serverless application for each of your customers.
 
-We provide several key features such as the [Dispatch Worker](/cloudflare-for-platforms/workers-for-platforms/get-started/dynamic-dispatch/), which gives you infinite flexibility in deciding which customer application to route to. For example, you can run security checks, then decode an HTTP header telling you the user's ID, and then load the appropriate serverless application for this user's request. [Outbound workers](/cloudflare-for-platforms/workers-for-platforms/configuration/outbound-workers/) give you additional visibility and control into what Internet resources your customer's applications can access; providing a familiar security model in a distributed deployment.
+We provide several key features such as the [Dispatch Worker](/cloudflare-for-platforms/workers-for-platforms/get-started/dynamic-dispatch/), which gives you infinite flexibility in deciding which customer application to route to. For example, you can run security checks, then decode an HTTP header telling you the user's ID, and then load the appropriate serverless application for this user's request. [Outbound Workers](/cloudflare-for-platforms/workers-for-platforms/configuration/outbound-workers/) give you additional visibility and control into what Internet resources your customer's applications can access; providing a familiar security model in a distributed deployment.
 
 We also provide features for [observability](/cloudflare-for-platforms/workers-for-platforms/configuration/observability/), [configuration](/terraform/), and [many other tools](/) needed for a production-grade platform deployment. These are detailed in other [reference architectures](/reference-architecture/), and function the same way for platform cases as for the more standard models described in those guides.
 
@@ -128,9 +128,9 @@ Here, we're not just provisioning a certificate for each client \- we're giving
 
 ### Serverless application platform for your customers
 
-In the most advanced design, we are customizing a full serverless application in our Workers runtime for each of your customers. Simple workers perform similar tasks to feature customization. Advanced Workers can run your entire platform on the Cloudflare network.
+In the most advanced design, we are customizing a full serverless application in our Workers runtime for each of your customers. Simple Workers perform similar tasks to feature customization. Advanced Workers can run your entire platform on the Cloudflare network.
 
-1. Instead of deploying customized Cloudflare capabilities, each customer has their own “User Worker” JavaScript serverless application containing custom code
+1. Instead of deploying customized Cloudflare capabilities, each customer has their own "User Worker" JavaScript serverless application containing custom code
 2. You retain control through Dispatch Workers, which determine which code to run, and Outbound Workers which restrict the access of customer code.
 3. Use advanced Developer Platform capabilities like D1, Workers KV, and Queues to build your entire business on Cloudflare