Change man-in-the-middle back to machine-in-the-middle

(gender-neutral language) This reverts commit d5ab330450d3f5c1d36d0d9b6a8f1dc32bc908e3.
2026-04-29 10:45:15 +02:00 · 2022-07-22 11:24:32 +01:00
parent 79b1f24133
commit e9f9e681ef
2 changed files with 2 additions and 2 deletions
--- a/java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.qhelp
+++ b/java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.qhelp
@@ -5,7 +5,7 @@
 <overview>
 <p>
 If the <code>onReceivedSslError</code> method of an Android <code>WebViewClient</code> always calls <code>proceed</code> on the given <code>SslErrorHandler</code>, it trusts any certificate. 
-This allows an attacker to perform a man-in-the-middle attack against the application, therefore breaking any security Transport Layer Security (TLS) gives.
+This allows an attacker to perform a machine-in-the-middle attack against the application, therefore breaking any security Transport Layer Security (TLS) gives.
 </p>

 <p>
--- a/java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.ql
+++ b/java/ql/src/Security/CWE/CWE-295/ImproperWebViewCertificateValidation.ql
@@ -1,6 +1,6 @@
 /**
 * @name Android `WebView` that accepts all certificates
- * @description Trusting all certificates allows an attacker to perform a man-in-the-middle attack.
+ * @description Trusting all certificates allows an attacker to perform a machine-in-the-middle attack.
 * @kind problem
 * @problem.severity error
 * @security-severity 7.5