diff --git a/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/AspNetCore/NoPolicy/Program.cs b/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/AspNetCore/NoPolicy/Program.cs index 4df46f20c8c..4d0d6a5d390 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/AspNetCore/NoPolicy/Program.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/AspNetCore/NoPolicy/Program.cs @@ -2,12 +2,12 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller { public void CookieDefault() { - Response.Cookies.Append("auth", "value"); // $Alert // BAD: HttpOnly is set to false by default + Response.Cookies.Append("auth", "value"); // $ Alert // BAD: HttpOnly is set to false by default } public void CookieDefault2() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ Alert Response.Cookies.Append("auth", "value", cookieOptions); // BAD: HttpOnly is set to false by default } @@ -39,14 +39,14 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieDirectFalse() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ Alert cookieOptions.HttpOnly = false; Response.Cookies.Append("auth", "secret", cookieOptions); // BAD } void CookieDirectFalseInitializer() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { HttpOnly = false }; // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { HttpOnly = false }; // $ Alert Response.Cookies.Append("auth", "secret", cookieOptions); // BAD } 
@@ -67,7 +67,7 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieIntermediateFalse() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $MISSING:Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ MISSING:Alert bool v = false; cookieOptions.HttpOnly = v; Response.Cookies.Append("auth", "secret", cookieOptions); // BAD, but not detected @@ -76,7 +76,7 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieIntermediateFalseInitializer() { bool v = false; - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { HttpOnly = v }; // $MISSING:Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { HttpOnly = v }; // $ MISSING:Alert Response.Cookies.Append("auth", "secret", cookieOptions); // BAD, but not detected } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesFalse/Program.cs b/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesFalse/Program.cs index 3e63963712f..94f50e78a3e 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesFalse/Program.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-1004/HttpOnlyCookie/SystemWeb/HttpOnlyCookiesFalse/Program.cs @@ -13,7 +13,7 @@ class Program void CookieDefault() { - var cookie = new System.Web.HttpCookie("sessionID"); // $Alert // BAD: httpOnlyCookies is set to false by default + var cookie = new System.Web.HttpCookie("sessionID"); // $ Alert // BAD: httpOnlyCookies is set to false by default } void CookieDefaultForgery() 
@@ -29,13 +29,13 @@ class Program void CookieDirectFalse() { - var cookie = new System.Web.HttpCookie("sessionID"); // $Alert + var cookie = new System.Web.HttpCookie("sessionID"); // $ Alert cookie.HttpOnly = false; // BAD } void CookieDirectFalseInitializer() { - var cookie = new System.Web.HttpCookie("sessionID") { HttpOnly = false }; // $Alert // BAD + var cookie = new System.Web.HttpCookie("sessionID") { HttpOnly = false }; // $ Alert // BAD } void CookieIntermediateTrue() @@ -53,7 +53,7 @@ class Program void CookieIntermediateFalse() { - var cookie = new System.Web.HttpCookie("sessionID"); // MISSING:Alert + var cookie = new System.Web.HttpCookie("sessionID"); // MISSING:Alert bool v = false; cookie.HttpOnly = v; // BAD } @@ -61,6 +61,6 @@ class Program void CookieIntermediateFalseInitializer() { bool v = false; - var cookie = new System.Web.HttpCookie("sessionID") { HttpOnly = v }; // $MISSING:Alert // BAD + var cookie = new System.Web.HttpCookie("sessionID") { HttpOnly = v }; // $ MISSING:Alert // BAD } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/AspNetCore/NoPolicy/Program.cs b/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/AspNetCore/NoPolicy/Program.cs index 733e2d71fcc..d21b19cf399 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/AspNetCore/NoPolicy/Program.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/AspNetCore/NoPolicy/Program.cs 
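Review bot: In the `@@ -53,7 +53,7 @@` hunk of SystemWeb/HttpOnlyCookiesFalse/Program.cs, the new `CookieIntermediateFalse` line still ends in `// MISSING:Alert` with no `$` prefix, while every other expectation this commit touches was normalised to `// $ ...`. If the inline-expectation parser only reads comments that start with `$`, which the surrounding markers suggest, the known false negative (`HttpOnly` assigned from a local `false`) is not recorded as an expectation and nothing tracks the gap. The removed and added lines look identical here, so the change was presumably whitespace-only and missed the marker. I would change the line to `var cookie = new System.Web.HttpCookie("sessionID"); // $ MISSING:Alert`. The trailing `// BAD` on the assignment could also read `// BAD, but not detected`, as the sibling test files do.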
@@ -2,12 +2,12 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller { public void CookieDefault() { - Response.Cookies.Append("name", "value"); // $Alert // BAD: Secure is set to false by default + Response.Cookies.Append("name", "value"); // $ Alert // BAD: Secure is set to false by default } public void CookieDefault2() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ Alert Response.Cookies.Append("name", "value", cookieOptions); // BAD: Secure is set to false by default } @@ -32,14 +32,14 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieDirectFalse() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ Alert cookieOptions.Secure = false; Response.Cookies.Append("auth", "secret", cookieOptions); // BAD } void CookieDirectFalseInitializer() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { Secure = false }; // $Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { Secure = false }; // $ Alert Response.Cookies.Append("auth", "secret", cookieOptions); // BAD } @@ -60,7 +60,7 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieIntermediateFalse() { - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $MISSING:Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions(); // $ MISSING:Alert bool v = false; cookieOptions.Secure = v; Response.Cookies.Append("auth", "secret", cookieOptions); // BAD, but not detected 
@@ -69,7 +69,7 @@ public class MyController : Microsoft.AspNetCore.Mvc.Controller void CookieIntermediateFalseInitializer() { bool v = false; - var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { Secure = v }; // $MISSING:Alert + var cookieOptions = new Microsoft.AspNetCore.Http.CookieOptions() { Secure = v }; // $ MISSING:Alert Response.Cookies.Append("auth", "secret", cookieOptions); // BAD, but not detected } } diff --git a/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/SystemWeb/RequireSSLFalse/Program.cs b/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/SystemWeb/RequireSSLFalse/Program.cs index 250b1f7780e..b026100269f 100644 --- a/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/SystemWeb/RequireSSLFalse/Program.cs +++ b/csharp/ql/test/query-tests/Security Features/CWE-614/InsecureCookie/SystemWeb/RequireSSLFalse/Program.cs @@ -2,7 +2,7 @@ class Program { void CookieDefault() { - var cookie = new System.Web.HttpCookie("cookieName"); // $Alert // BAD: requireSSL is set to false by default + var cookie = new System.Web.HttpCookie("cookieName"); // $ Alert // BAD: requireSSL is set to false by default } void CookieDirectTrue() @@ -31,18 +31,18 @@ class Program void CookieDirectFalse() { - var cookie = new System.Web.HttpCookie("cookieName"); // $Alert + var cookie = new System.Web.HttpCookie("cookieName"); // $ Alert cookie.Secure = false; // BAD } void CookieDirectFalseInitializer() { - var cookie = new System.Web.HttpCookie("cookieName") { Secure = false }; // $Alert // BAD + var cookie = new System.Web.HttpCookie("cookieName") { Secure = false }; // $ Alert // BAD } void CookieIntermediateFalse() { - var cookie = new System.Web.HttpCookie("cookieName"); // $MISSING:Alert + var cookie = new System.Web.HttpCookie("cookieName"); // $ MISSING:Alert bool v = false; cookie.Secure = v; // BAD, but not detected } 
@@ -50,6 +50,6 @@ class Program void CookieIntermediateFalseInitializer() { bool v = false; - var cookie = new System.Web.HttpCookie("cookieName") { Secure = v }; // $MISSING:Alert // BAD, but not detected + var cookie = new System.Web.HttpCookie("cookieName") { Secure = v }; // $ MISSING:Alert // BAD, but not detected } }