Documentation fixes

egregius313 · egregius313 · commit 172b8a6967d1 · 2023-08-17T13:05:37.000-04:00
diff --git a/java/ql/lib/semmle/code/java/frameworks/Servlets.qll b/java/ql/lib/semmle/code/java/frameworks/Servlets.qll
@@ -398,6 +398,7 @@ class GetServletResourceAsStreamMethod extends Method {
   }
 }
 
+/** The interface `javax.servlet.http.HttpSession` */
 class HttpServletSession extends RefType {
   HttpServletSession() { this.hasQualifiedName("javax.servlet.http", "HttpSession") }
 }
diff --git a/java/ql/src/Security/CWE/CWE-501/TrustBoundaryViolation.qhelp b/java/ql/src/Security/CWE/CWE-501/TrustBoundaryViolation.qhelp
@@ -30,12 +30,12 @@
     <p>
       In the first (bad) example, the server accepts a parameter from the user and uses it to set the username without validation.
     </p>
-    <sample src="examples/TrustBoundaryVulnerable.java" />
+    <sample src="TrustBoundaryVulnerable.java" />
 
     <p>
       In the second (good) example, the server validates the parameter before using it to set the username.
     </p>
-    <sample src="examples/TrustBoundaryFixed.java" />
+    <sample src="TrustBoundaryFixed.java" />
 
   </example>
 

Original file line number	Diff line number	Diff line change
`@@ -398,6 +398,7 @@ class GetServletResourceAsStreamMethod extends Method {`
`398`	`398`	`}`
`399`	`399`	`}`
`400`	`400`
	`401`	+/** The interface `javax.servlet.http.HttpSession` */
`401`	`402`	`class HttpServletSession extends RefType {`
`402`	`403`	`HttpServletSession() { this.hasQualifiedName("javax.servlet.http", "HttpSession") }`
`403`	`404`	`}`