hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp

Browse Source 
Co-authored-by: Ethan Palm <56270045+ethanpalm@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2021-08-31 14:32:31 +02:00
parent e7983fb269
commit 28ae4c211f
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-940/AndroidIntentRedirection.qhelp
View File

@@ -11,7 +11,7 @@
<p>If this is not possible, restrict either which apps can send Intents to the affected component, or which components can be started from it.</p> <p>If this is not possible, restrict either which apps can send Intents to the affected component, or which components can be started from it.</p>
</recommendation> </recommendation>
<example> <example>
<p>The following snippet contains two examples. <p>The following snippet contains three examples.
In the first example, an arbitrary component can be started from the externally provided <code>forward_intent</code> Intent. In the first example, an arbitrary component can be started from the externally provided <code>forward_intent</code> Intent.
In the second example, the destination component of the Intent is first checked to make sure it is safe. In the second example, the destination component of the Intent is first checked to make sure it is safe.
In the third example, the component that created the Intent is first checked to make sure it comes from a trusted origin.</p> In the third example, the component that created the Intent is first checked to make sure it comes from a trusted origin.</p>