update inconsistency comment for CWE-346

erik-krogh · erik-krogh · commit bf36137834d2 · 2020-07-08T10:01:04.000+02:00
diff --git a/javascript/ql/test/query-tests/Security/CWE-346/tst.js b/javascript/ql/test/query-tests/Security/CWE-346/tst.js
@@ -48,7 +48,7 @@ server.on('request', (req, res) => {
 
 // syntactic header defintion
 probalyAServer.on('request', (req, res) => {
-    res.setHeader("Access-Control-Allow-Origin", null); // NOT OK (but not detected)
+    res.setHeader("Access-Control-Allow-Origin", null); // NOT OK (but not detected) [INCONSISTENCY]
     res.setHeader("Access-Control-Allow-Credentials", true);
 });
 
