hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 08:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from documentation review

Browse Source 
Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
This commit is contained in:
Joe Farebrother
2024-02-02 17:21:23 +00:00
committed by GitHub
parent 9130603334
commit 3878192810
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
java/ql/src/Security/CWE/CWE-200/AndroidSensitiveTextField.qhelp
View File

@@ -11,13 +11,13 @@
<recommendation>
<p>
For editable text fields containing sensitive information, the <code>inputType</code> should be set to <code>textPassword</code> or similar to ensure it is properly masked.
Otherwise, sensitive data that is required to be displayed should be hidden by default, and only revealed based on an explicit user action.
Otherwise, sensitive data that must be displayed should be hidden by default, and only revealed based on an explicit user action.
</p>
</recommendation>
<example>
<p>
In the following (bad) case, sensitive information <code>password</code> is exposed to the <code>TextView</code>.
In the following (bad) case, sensitive information in <code>password</code> is exposed to the <code>TextView</code>.
</p>
<sample src="AndroidSensitiveTextBad.java"/>