hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-23 07:45:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Doc change

Browse Source 
Co-authored-by: Alex Ford <alexrford@users.noreply.github.com>
This commit is contained in:
Maiky
2023-09-15 11:51:53 +02:00
committed by GitHub
parent 15b965bb3b
commit f08eb3cdf4
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ruby/ql/src/experimental/cwe-347/EmptyJWTSecret.qhelp
View File

@@ -11,7 +11,7 @@ Applications encoding a JSON Web Token (JWT) may be vulnerable when it's not ver
<recommendation>
<p>
Use non-empty nor <code>None</code> values while encoding JWT payloads.
JSON Web Tokens should be signed using a strong cryptographic algorithm and non-empty secret.
</p>
</recommendation>