Apply suggestions from code review

erik-krogh · esbena · web-flow · commit 2d1ba59e6d8c · 2021-05-06T21:55:30.000+02:00
Co-authored-by: Esben Sparre Andreasen &lt;esbena@github.com&gt;
diff --git a/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.qhelp b/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.qhelp
@@ -4,7 +4,7 @@
 <qhelp>
 <overview>
 	<p>
-		Dynamically constructing HTML with inputs from exported functions may 
+		Dynamically constructing HTML with inputs from library functions may 
 		inadvertently leave a client open to XSS attacks.
 		
 		Clients using the exported function may use inputs containing unsafe HTML,
@@ -28,7 +28,7 @@
 <example>
 
 	<p>
-		The following example shows a library function that shows a boldface name
+		The following example has a library function that renders a boldface name
 		by writing to the <code>innerHTML</code> property of an element.
 	</p>
 
diff --git a/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.ql b/javascript/ql/src/Security/CWE-079/UnsafeHtmlConstruction.ql
@@ -1,7 +1,7 @@
 /**
  * @name Unsafe HTML constructed from library input
  * @description Using externally controlled strings to construct HTML might allow a malicious
- *              user to perform an cross-site scripting attack.
+ *              user to perform a cross-site scripting attack.
  * @kind path-problem
  * @problem.severity error
  * @precision high
