diff --git a/docs/source/settings.rst b/docs/source/settings.rst
index ec1d2b45..c20af3da 100644
--- a/docs/source/settings.rst
+++ b/docs/source/settings.rst
@@ -210,7 +210,7 @@ H            protocol
 s            status
 B            response length
 b            response length or ``'-'`` (CLF format)
-f            referer
+f            referrer (note: header is ``referer``)
 a            user agent
 T            request time in seconds
 M            request time in milliseconds
@@ -314,7 +314,7 @@ file format.
 
 The log config dictionary to use, using the standard Python
 logging module's dictionary configuration format. This option
-takes precedence over the :ref:`logconfig` and :ref:`logConfigJson` options,
+takes precedence over the :ref:`logconfig` and :ref:`logconfig-json` options,
 which uses the older file configuration format and JSON
 respectively.
 
@@ -569,7 +569,7 @@ Whether client certificate is required (see stdlib ssl module's)
 ===========  ===========================
 --cert-reqs      Description
 ===========  ===========================
-`0`          no client veirifcation
+`0`          no client verification
 `1`          ssl.CERT_OPTIONAL
 `2`          ssl.CERT_REQUIRED
 ===========  ===========================
@@ -1504,32 +1504,6 @@ on a proxy in front of Gunicorn.
 
 .. versionadded:: 22.0.0
 
-.. _tolerate-dangerous-framing:
-
-``tolerate_dangerous_framing``
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-
-**Command line:** ``--tolerate-dangerous-framing``
-
-**Default:** ``False``
-
-Process requests with both Transfer-Encoding and Content-Length
-
-This is known to induce vulnerabilities, but not strictly forbidden by RFC9112.
-
-In any case, the connection is closed after the malformed request,
-as it is unclear if and at which boundary additional requests start.
-
-Use with care and only if necessary.
-Temporary; will be changed or removed in a future version.
-
-.. versionadded:: 22.0.0
-.. versionchanged: 22.1.0
-   The newly added rejection of invalid and dangerous characters CR, LF and NUL in
-   header field values is also controlled with this setting. rfc9110 permits both
-   rejecting and SP-replacing. With this option set, Gunicorn passes the field value
-   unchanged. With this option unset, Gunicorn rejects the request.
-
 Server Socket
 -------------
 
diff --git a/gunicorn/config.py b/gunicorn/config.py
index d66028b7..a0366264 100644
--- a/gunicorn/config.py
+++ b/gunicorn/config.py
@@ -1395,7 +1395,7 @@ class AccessLogFormat(Setting):
         s            status
         B            response length
         b            response length or ``'-'`` (CLF format)
-        f            referer
+        f            referrer (note: header is ``referer``)
         a            user agent
         T            request time in seconds
         M            request time in milliseconds
@@ -2154,7 +2154,7 @@ class CertReqs(Setting):
     ===========  ===========================
     --cert-reqs      Description
     ===========  ===========================
-    `0`          no client veirifcation
+    `0`          no client verification
     `1`          ssl.CERT_OPTIONAL
     `2`          ssl.CERT_REQUIRED
     ===========  ===========================