Apply suggestions from code review

Co-authored-by: Ben Ahmady <32935794+subatoi@users.noreply.github.com>
2026-04-25 16:55:19 +02:00 · 2024-02-19 08:59:03 +01:00
parent 582f341d9e
commit 8b8cebd599
2 changed files with 4 additions and 4 deletions
--- a/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
+++ b/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
@@ -9,11 +9,11 @@
               library, or use a library that verifies it by default.</p>
     </recommendation>
     <example>
-          <p>The following example shows a case where a JWT is parsed without verifying the
+          <p>The following (bad) example shows a case where a JWT is parsed without verifying the
               signature.</p>
          <sample src="MissingJwtSignatureCheckBad.go" />
-          <p>In the example below, the appropriate function for parsing a JWT
-               and verifying its signature is used.</p>
+          <p>The following (good) example uses the appropriate function for parsing a JWT
+               and verifying its signature.</p>
          <sample src="MissingJwtSignatureCheckGood.go" />
     </example>
     <references>
--- a/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
+++ b/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
@@ -1,6 +1,6 @@
 /**
 * @name Missing JWT signature check
- * @description Failing to check the Json Web Token (JWT) signature may allow an attacker to forge their own tokens.
+ * @description Failing to check the JSON Web Token (JWT) signature may allow an attacker to forge their own tokens.
 * @kind path-problem
 * @problem.severity error
 * @security-severity 7.8