Add references to qhelp

atorralba · atorralba · commit 582f341d9e92 · 2024-02-14T17:25:09.000+01:00
diff --git a/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp b/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
@@ -5,8 +5,8 @@
                signature is not correctly verified.</p>
      </overview>
      <recommendation>
-     <p>Always verify the signature by using the appropriate methods provided by the JWT library,
-          or use a library that verifies it by default.</p>
+          <p>Always verify the signature by using the appropriate methods provided by the JWT
+               library, or use a library that verifies it by default.</p>
      </recommendation>
      <example>
           <p>The following example shows a case where a JWT is parsed without verifying the
@@ -17,9 +17,9 @@
           <sample src="MissingJwtSignatureCheckGood.go" />
      </example>
      <references>
-          <li>
-
-          </li>
+          <li>JWT IO: <a href="https://jwt.io/introduction">Introduction to JSON Web Tokens</a>.</li>
+          <li>jwt-go: <a href="https://pkg.go.dev/github.com/golang-jwt/jwt/v5">Documentation</a>.</li>
+          <li>Go JOSE: <a href="https://pkg.go.dev/github.com/go-jose/go-jose/v3">Documentation</a>.</li>
      </references>
 
 </qhelp>
