Use <code> tag in JexlInjection.qhelp

artem-smotrakov · artem-smotrakov · commit 73c8338e52a7 · 2021-01-21T22:49:36.000+01:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-094/JexlInjection.qhelp b/java/ql/src/experimental/Security/CWE/CWE-094/JexlInjection.qhelp
@@ -28,16 +28,16 @@ The following example uses untrusted data to build and run a JEXL expression.
 
 <p>
 The next example shows how an untrusted JEXL expression can be run
-in a sandbox that allows accessing only methods in the `java.lang.Math` class.
-The sandbox is implemented using `JexlSandbox` class that is provided by
+in a sandbox that allows accessing only methods in the <code>java.lang.Math</code> class.
+The sandbox is implemented using <code>JexlSandbox</code> class that is provided by
 Apache Commons JEXL 3.
 However, it's recommended to avoid using untrusted input in JEXL expressions.
 </p>
 <sample src="SaferJexlExpressionEvaluationWithSandbox.java" />
 
 <p>
 The next example shows another way how a sandbox can be implemented.
-It uses a custom implememtation of `JexlUberspect`
+It uses a custom implememtation of <code>JexlUberspect</code>
 that checks if callees are instances of allowed classes.
 Again, it's recommended to avoid using untrusted input in JEXL expressions.
 </p>
