hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6305 from intrigus-lgtm/patch-5

Browse Source 
C# remove spurious spaces in <code> tag
This commit is contained in:
Arthur Baars
2021-07-19 17:09:36 +02:00
committed by GitHub
parent 7bc18abbb0 7aa19ea00f
commit ed054acd8e
3 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
csharp/ql/src/Bad Practices/UseOfSystemOutputStream.qhelp
View File

@@ -6,7 +6,7 @@
<p>Writing directly to system output streams is often used as an unstructured form of logging. A
proper logging mechanism is a better way to direct messages to the desired location and also
ensures that no critical information is leaked to the standard outputs. The rule points out any
call to the <code> Console.Write*(...)</code> methods and any access to <code>Console.Out</code> or
call to the <code>Console.Write*(...)</code> methods and any access to <code>Console.Out</code> or
<code>Console.Error</code>.</p>
</overview>

2
csharp/ql/src/Input Validation/ValueShadowingServerVariable.qhelp
View File

@@ -6,7 +6,7 @@
<p>Relying on <code>HttpRequest</code> to provide access to a particular server variable is not
safe as it can be overridden by the client. The <code>HttpRequest</code> class implements an
indexer to provide a simplified, combined access to its <code>QueryString</code>, <code>Form</code>
, <code>Cookies</code>, or <code> ServerVariables</code> collections, in that particular order.
, <code>Cookies</code>, or <code>ServerVariables</code> collections, in that particular order.
When searching for a variable, the first match is returned: <code>QueryString</code> parameters
hence supersede values from forms, cookies and server variables, and so on. This is a serious
attack vector since an attacker could inject a value in the query string that you do not expect,

4
csharp/ql/src/Linq/MissedCastOpportunity.qhelp
View File

@@ -6,8 +6,8 @@
<p>Casts are often used when you iterate over a collection of elements of a type that is known to
contain only elements of a different type (possibly more specific). For example, <code>List&lt;Animal
&gt; </code> might refer to a collection of instances of <code>Dog</code>, a class derived from
<code> Animal</code>. Programmers often write a loop to iterate over the collection and cast each
<code> Animal</code> in turn to <code>Dog</code> before using it</p>
<code>Animal</code>. Programmers often write a loop to iterate over the collection and cast each
<code>Animal</code> in turn to <code>Dog</code> before using it</p>
</overview>
<recommendation>