hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-22 03:36:30 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-Authored-By: Felicity Chapman <felicitymay@github.com>
This commit is contained in:
ggolawski
2020-01-27 22:31:51 +01:00
committed by GitHub
parent 968c18d208
commit 408c49a61c
1 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
java/ql/src/Security/CWE/CWE-90/LdapInjection.qhelp
View File

@@ -34,19 +34,19 @@ the query cannot be changed by a malicious user.</p>
<sample src="LdapInjectionJndi.java" />
<p>The third example uses Spring LdapQueryBuilder to build LDAP query. In addition to
simplifying building of complex search parameters, it also provides proper escaping of any
unsafe characters in search filters. DN is built using LdapNameBuilder, which also provides
<p>The third example uses Spring <code>LdapQueryBuilder</code> to build an LDAP query. In addition to
simplifying the building of complex search parameters, it also provides proper escaping of any
unsafe characters in search filters. The DN is built using <code>LdapNameBuilder</code>, which also provides
proper escaping.</p>
<sample src="LdapInjectionSpring.java" />
<p>The fourth example uses UnboundID Filter and DN classes to construct safe filter and
<p>The fourth example uses <code>UnboundID</code> classes, <code>Filter</code> and <code>DN</code>, to construct a safe filter and
base DN.</p>
<sample src="LdapInjectionUnboundId.java" />
<p>The fifth example shows how to build safe filter and DN using Apache LDAP API.</p>
<p>The fifth example shows how to build a safe filter and DN using the Apache LDAP API.</p>
<sample src="LdapInjectionApache.java" />
</example>