Apply suggestions from code review

Co-authored-by: Asger F <asgerf@github.com>
2026-04-30 19:26:02 +02:00 · 2020-06-15 23:47:40 +02:00
parent e8db624e74
commit 5e060fa6a8
2 changed files with 2 additions and 2 deletions
--- a/javascript/ql/src/Security/CWE-829/InsecureDownload.qhelp
+++ b/javascript/ql/src/Security/CWE-829/InsecureDownload.qhelp
@@ -13,7 +13,7 @@
 	</overview>
 	<recommendation>
 		<p>
-			Use an transfer protocol that includes encryption when downloading executeables or other sensitive files.
+			Use a secure transfer protocol when downloading executeables or other sensitive files.
 		</p>
 	</recommendation>
 	<example>
--- a/javascript/ql/src/semmle/javascript/security/dataflow/InsecureDownload.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/InsecureDownload.qll
@@ -18,7 +18,7 @@ module InsecureDownload {
   * A taint tracking configuration for download of sensitive file through insecure connection.
   */
  class Configuration extends DataFlow::Configuration {
-    Configuration() { this = "HTTP/HTTPS" }
+    Configuration() { this = "InsecureDownload" }

    override predicate isSource(DataFlow::Node source) { source instanceof Source }