hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-06-18 11:21:07 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix typos

Browse Source
This commit is contained in:
Joe Farebrother
2022-06-29 13:57:51 +01:00
parent 03c2a0e818
commit abf894a64c
4 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertifiacteValidation.qhelp → java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.qhelp
View File

@@ -24,7 +24,7 @@ An attack might look like this:
<recommendation>
<p>
Do not use a call <code>SslerrorHandler.proceed</code> unconditonally.
Do not use a call <code>SslerrorHandler.proceed</code> unconditionally.
If you have to use a self-signed certificate, only accept that certificate, not all certificates.
</p>

2
java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.ql
View File

@@ -1,5 +1,5 @@
/**
* @name Android `WebVeiw` that accepts all certificates
* @name Android `WebView` that accepts all certificates
* @description Trusting all certificates allows an attacker to perform a machine-in-the-middle attack.
* @kind problem
* @problem.severity error