hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Ruby: clarify qhelp

Browse Source
This commit is contained in:
Alex Ford
2022-10-13 22:39:54 +01:00
parent 9fbd293944
commit 3d478a3951
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ruby/ql/src/queries/security/cwe-598/SensitiveGetQuery.qhelp
View File

@@ -2,7 +2,7 @@
<qhelp>
<overview>
<p>
Sensitive information such as user passwords should not be transmitted within the query string of the requested URL.
Sensitive information such as passwords should not be transmitted within the query string of the requested URL.
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server,
and any proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked
or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are