Ruby: add a note to a test case

alexrford · alexrford · commit f01670f663fb · 2022-10-05T13:06:49.000+01:00
diff --git a/ruby/ql/test/query-tests/security/cwe-598/app/controllers/users_controller.rb b/ruby/ql/test/query-tests/security/cwe-598/app/controllers/users_controller.rb
@@ -11,7 +11,7 @@ def login_post
   end
 
   def login_get_cookies
-    password = cookies[:password]
+    password = cookies[:password] # GOOD: data sourced from cookies rather than (plaintext) query params
     authenticate_user(params[:username], password)
   end
 
