Fix qhelp & ql-for-ql errors

2025-12-24 04:36:35 +01:00 · 2022-08-31 15:24:29 +01:00
parent 414e0b20b3
commit eed2df0fb3
3 changed files with 2 additions and 3 deletions
--- a/java/ql/lib/semmle/code/java/security/WebviewDubuggingEnabledQuery.qll
+++ b/java/ql/lib/semmle/code/java/security/WebviewDubuggingEnabledQuery.qll
@@ -22,7 +22,7 @@ private predicate isDebugCheck(Expr ex) {
  )
 }

-/** Configuration to find instances of `setWebContentDebuggingEnabled` called with `true` values. */
+/** A configuration to find instances of `setWebContentDebuggingEnabled` called with `true` values. */
 class WebviewDebugEnabledConfig extends DataFlow::Configuration {
  WebviewDebugEnabledConfig() { this = "WebviewDebugEnabledConfig" }

--- a/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.qhelp
+++ b/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.qhelp
@@ -7,7 +7,7 @@
 <p>The <code>WebView.setWebContentsDebuggingEnabled</code> method enables or disables the contents of any <code>WebView</code> in the application to be debugged.</p>

 <p>Enabling debugging featues could allow for additional entry points or leaking sensitive information. 
-As such, debugging should only be anabled during development, and disabled during production builds.
+As such, debugging should only be anabled during development, and disabled during production builds.</p>
 </overview>
 <recommendation>
 Ensure that debugging features are not enabled during production builds. 
--- a/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql
+++ b/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.ql
@@ -12,7 +12,6 @@

 import java
 import semmle.code.java.security.WebviewDubuggingEnabledQuery
-import semmle.code.java.dataflow.DataFlow
 import DataFlow::PathGraph

 from WebviewDebugEnabledConfig conf, DataFlow::PathNode source, DataFlow::PathNode sink