hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-21 19:26:31 +01:00
Code Issues Packages Projects Releases Wiki Activity

Copyedit comments and function names

Browse Source 
Co-authored-by: Felicity Chapman <felicitymay@github.com>
This commit is contained in:
Chris Smowton
2021-04-19 14:02:27 +01:00
parent 960a903185
commit fb2989c16b
4 changed files with 20 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-918/RequestForgery.qhelp
View File

@@ -6,7 +6,7 @@
<overview>
<p>Directly incorporating user input into an HTTP request without validating the input
can facilitate Server-Side Request Forgery (SSRF) attacks. In these attacks, the server
can facilitate server-side request forgery (SSRF) attacks. In these attacks, the server
may be tricked into making a request and interacting with an attacker-controlled server.
</p>

4
java/ql/src/Security/CWE/CWE-918/RequestForgery.ql
View File

@@ -1,7 +1,7 @@
/**
* @name Server-Side Request Forgery (SSRF)
* @name Server-side request forgery
* @description Making web requests based on unvalidated user-input
* may cause server to communicate with malicious servers.
* may cause the server to communicate with malicious servers.
* @kind path-problem
* @problem.severity error
* @precision high