python: fix typo in qhelp

yoff · yoff · commit e6b5833bd684 · 2022-01-26T19:05:36.000+01:00
diff --git a/python/ql/src/experimental/Security/CWE-090/LDAPInjection.qhelp b/python/ql/src/experimental/Security/CWE-090/LDAPInjection.qhelp
@@ -4,22 +4,22 @@
 <qhelp>
 <overview>
 <p>If an LDAP query or DN is built using string concatenation or string formatting, and the
-components of the concatenation include user input without any proper sanitization, a user 
+components of the concatenation include user input without any proper sanitization, a user
 is likely to be able to run malicious LDAP queries.</p>
 </overview>
 
 <recommendation>
 <p>If user input must be included in an LDAP query or DN, it should be escaped to
 avoid a malicious user providing special characters that change the meaning
-of the query. In Python2, user input should be escaped with <code>ldap.dn.escape_dn_chars</code> 
-or <code>ldap.filter.escape_filter_chars</code>, while in Python3, user input should be escaped with 
+of the query. In Python2, user input should be escaped with <code>ldap.dn.escape_dn_chars</code>
+or <code>ldap.filter.escape_filter_chars</code>, while in Python3, user input should be escaped with
 <code>ldap3.utils.dn.escape_rdn</code> or <code>ldap3.utils.conv.escape_filter_chars</code>
-depending on the component tainted by the user. A good practice is to escape filter characters 
+depending on the component tainted by the user. A good practice is to escape filter characters
 that could change the meaning of the query (https://tools.ietf.org/search/rfc4515#section-3).</p>
 </recommendation>
 
 <example>
-<p>In the following examples, the code accepts both <code>username</code> and <code>dc</code> from the user, 
+<p>In the following examples, the code accepts both <code>username</code> and <code>dc</code> from the user,
 which it then uses to build a LDAP query and DN.</p>
 
 <p>The first and the second example uses the unsanitized user input directly
@@ -30,7 +30,7 @@ components, and search for a completely different set of values.</p>
 <sample src="examples/example_bad1.py" />
 <sample src="examples/example_bad2.py" />
 
-<p>In the third and four example, the input provided by the user is sanitized before it is included in the search filter or DN. 
+<p>In the third and fourth example, the input provided by the user is sanitized before it is included in the search filter or DN.
 This ensures the meaning of the query cannot be changed by a malicious user.</p>
 
 <sample src="examples/example_good1.py" />
