hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-02 12:15:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: more comments

Browse Source
This commit is contained in:
Asger F
2018-11-21 11:14:13 +00:00
parent 7d80847832
commit 84d642612e
2 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/src/Security/CWE-094/MethodNameInjection.qhelp
View File

@@ -30,7 +30,7 @@ with the name <code>eval</code>.
<sample src="examples/MethodNameInjection.js" />
<p>
Instead of storing the API methods in the global scope, put them in an API object. It is also good
Instead of storing the API methods in the global scope, put them in an API object or Map. It is also good
practice to prevent invocation of inherited methods like <code>toString</code> and <code>valueOf</code>.
</p>