OAuth2 CSRF query: improve documentation

Author: smowton

ql/src/Security/CWE-352/ConstantOauth2State.qhelp

@@ -5,7 +5,7 @@
     <overview>
         <p>
             OAuth 2.0 clients must implement CSRF protection for the redirection URI, which is typically accomplished by including a "state" value that binds the request to
-            the user's authenticated state. The Go OAuth 2.0 library allows to specify a "state" value which is then included in the auth code URL, and then provided back by the remote authentication server in the redirect callback, from where it must be validated; failure to do so makes the client susceptible to an CSRF attack.
+            the user's authenticated state. The Go OAuth 2.0 library allows you to specify a "state" value which is then included in the auth code URL. That state is then provided back by the remote authentication server in the redirect callback, from where it must be validated. Failure to do so makes the client susceptible to an CSRF attack.
         </p>
     </overview>
     <recommendation>
@@ -23,4 +23,8 @@
         </p>
         <sample src="ConstantOauth2StateBetter.go" />
     </example>
+    <references>
+        <li>IETF: <a href="https://tools.ietf.org/html/rfc6749#section-10.12">The OAuth 2.0 Authorization Framework</a></li>
+        <li>IETF: <a href="https://tools.ietf.org/html/draft-ietf-oauth-security-topics-15#section-2.1">OAuth 2.0 Security Best Current Practice</a></li>
+    </references>
 </qhelp>

ql/src/Security/CWE-352/ConstantOauth2State.ql

@@ -1,5 +1,5 @@
 /**
- * @name Use of constant `state` value in OAuth 2.0 URL.
+ * @name Use of constant `state` value in OAuth 2.0 URL
  * @description Using a constant value for the `state` in the OAuth 2.0 URL makes the application
  *              susceptible to CSRF attacks.
  * @kind path-problem