Mention WebView in alert message

egregius313 · egregius313 · commit 2ec73c50f999 · 2023-01-09T09:55:09.000-05:00
diff --git a/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql b/java/ql/src/Security/CWE/CWE-200/AndroidWebViewSettingsPermitsContentAccess.ql
@@ -109,4 +109,4 @@ where
     not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _)
   )
 select e,
-  "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted."
+  "Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView."

Original file line number	Diff line number	Diff line change
`@@ -109,4 +109,4 @@ where`
`109`	`109`	`not any(WebViewDisallowContentAccessConfiguration cfg).hasFlow(source, _)`
`110`	`110`	`)`
`111`	`111`	`select e,`
`112`		`- "Sensitive information may be exposed via a malicious link due to access of content:// links being permitted."`
	`112`	`+ "Sensitive information may be exposed via a malicious link due to access to content:// links being allowed in this WebView."`