hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-22 23:35:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply docs review suggestions

Browse Source 
Co-authored-by: Sam Browning <106113886+sabrowning1@users.noreply.github.com>
This commit is contained in:
Edward Minnix III
2023-08-07 00:37:13 -04:00
committed by Ed Minnix
parent 4eb1035dfe
commit 8d88af1af0
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
java/ql/src/Security/CWE/CWE-501/TrustBoundaryViolation.qhelp
View File

@@ -22,18 +22,18 @@
<recommendation>
<p>
In order to maintain a trust boundary, data from less trusted sources should be validated before being used.
To maintain a trust boundary, validate data from less trusted sources before use.
</p>
</recommendation>
<example>
<p>
In the first (bad) example, the server accepts a parameter from the user and uses it to set the username without validation.
In the first (bad) example, the server accepts a parameter from the user, then uses it to set the username without validation.
</p>
<sample src="TrustBoundaryVulnerable.java" />
<p>
In the second (good) example, the server validates the parameter before using it to set the username.
In the second (good) example, the server validates the parameter from the user, then uses it to set the username.
</p>
<sample src="TrustBoundaryFixed.java" />