From 5a96ee1a7bf92f305055b4f3918dc6fb9d2bd5c4 Mon Sep 17 00:00:00 2001 From: Luke Cartey <5377966+lcartey@users.noreply.github.com> Date: Tue, 4 Aug 2020 09:41:40 +0100 Subject: [PATCH] Remove parameter names from signatures Co-authored-by: Marcono1234 --- .../CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.qhelp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.qhelp b/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.qhelp index a59de163b2a..4f04b90fa49 100644 --- a/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.qhelp +++ b/java/ql/src/Security/CWE/CWE-020/ExternalAPIsUsedWithUntrustedData.qhelp @@ -33,11 +33,11 @@ class to exclude known safe external APIs from future analysis.

-

If the query were to return the API javax.servlet.http.HttpServletResponse.sendError(int sc, java.lang.String msg) [param 1] +

If the query were to return the API javax.servlet.http.HttpServletResponse.sendError(int, java.lang.String) [param 1] then we should first consider whether this a security relevant sink. In this case, this is writing to a HTTP response, so we should consider whether this is an XSS sink. If it is, we should confirm that it is handled by the XSS query.

-

If the query were to return the API java.lang.StringBuilder.append(java.lang.String str) [param 0], then this should be +

If the query were to return the API java.lang.StringBuilder.append(java.lang.String) [param 0], then this should be reviewed as a possible taint step, because tainted data would flow from the 0th argument to the qualifier of the call.

Note that both examples are correctly handled with the standard taint tracking library and XSS query.
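Review bot: the first `+` line of this hunk still carries a grammar error in the text it keeps, "whether this a security relevant sink" (missing "is") and "writing to a HTTP response" (should be "an HTTP response"); since the line is already being rewritten to drop the parameter names, fix both here rather than in a follow-up, e.g. "then we should first consider whether this is a security-relevant sink. In this case, this is writing to an HTTP response". The signature change itself is consistent across both examples (`sendError(int, java.lang.String) [param 1]` and `append(java.lang.String) [param 0]` both use types only with 0-based parameter indices), so the examples now read the same way the query reports them.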