hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Apply suggestions from code review

Browse Source 
Co-authored-by: Anders Schack-Mulligen <aschackmull@users.noreply.github.com>
This commit is contained in:
Tony Torralba
2021-08-04 14:40:32 +02:00
committed by GitHub
parent a046d75ea6
commit bc9563c073
2 changed files with 1 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
java/ql/src/semmle/code/java/security/JWT.qll
View File

@@ -1,7 +1,6 @@
/** Provides classes for working with JSON Web Token (JWT) libraries. */
import java
private import semmle.code.java.dataflow.ExternalFlow
private import semmle.code.java.dataflow.DataFlow
/** A method access that assigns signing keys to a JWT parser. */

2
java/ql/src/semmle/code/java/security/MissingJWTSignatureCheckQuery.qll
View File

@@ -5,7 +5,7 @@ import semmle.code.java.dataflow.DataFlow
import semmle.code.java.security.JWT
/**
* Models flow from signing keys assignements to qualifiers of JWT insecure parsers.
* Models flow from signing keys assignments to qualifiers of JWT insecure parsers.
* This is used to determine whether a `JwtParser` performing unsafe parsing has a signing key set.
*/
class MissingJwtSignatureCheckConf extends DataFlow::Configuration {