user controlled -> user-controlled

2025-12-24 04:36:35 +01:00 · 2020-04-22 10:07:29 +02:00
parent 947e9828da
commit 76503d3536
2 changed files with 2 additions and 2 deletions
--- a/javascript/ql/src/Security/CWE-079/XssThroughDom.ql
+++ b/javascript/ql/src/Security/CWE-079/XssThroughDom.ql
@@ -1,6 +1,6 @@
 /**
 * @name Cross-site scripting through DOM
- * @description Writing user controlled DOM to HTML can allow for
+ * @description Writing user-controlled DOM to HTML can allow for
 *              a cross-site scripting vulnerability.
 * @kind path-problem
 * @problem.severity error
--- a/javascript/ql/src/semmle/javascript/security/dataflow/XssThroughDom.qll
+++ b/javascript/ql/src/semmle/javascript/security/dataflow/XssThroughDom.qll
@@ -35,7 +35,7 @@ module XssThroughDom {
  }

  /**
-   * Gets an attribute name that could store user controlled data.
+   * Gets an attribute name that could store user-controlled data.
   *
   * Attributes such as "id", "href", and "src" are often used as input to HTML.
   * However, they are either rarely controlable by a user, or already a sink for other XSS vulnerabilities.