hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-01-30 06:42:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Copyedit qhelp

Browse Source
This commit is contained in:
Chris Smowton
2021-11-09 10:05:18 +00:00
committed by GitHub
parent 7f68f85002
commit f7c19dea71
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ql/src/experimental/CWE-090/LDAPinjection.qhelp
View File

@@ -11,7 +11,7 @@ is likely to be able to run malicious LDAP queries.</p>
<recommendation>
<p>If user input must be included in an LDAP query or DN, it should be escaped to
avoid a malicious user providing special characters that change the meaning
of the query. In Go, user input should be escaped with <code>EscapeFilter</code>
of the query. In Go, user input should be escaped with <code>EscapeFilter</code>.
A good practice is to escape filter characters
that could change the meaning of the query (https://tools.ietf.org/search/rfc4515#section-3).</p>
</recommendation>