Apply suggestions from code review

atorralba · subatoi · web-flow · commit 8b8cebd5990d · 2024-02-19T08:59:03.000+01:00
Co-authored-by: Ben Ahmady &lt;32935794+subatoi@users.noreply.github.com&gt;
diff --git a/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp b/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.qhelp
@@ -9,11 +9,11 @@
                library, or use a library that verifies it by default.</p>
      </recommendation>
      <example>
-          <p>The following example shows a case where a JWT is parsed without verifying the
+          <p>The following (bad) example shows a case where a JWT is parsed without verifying the
                signature.</p>
           <sample src="MissingJwtSignatureCheckBad.go" />
-          <p>In the example below, the appropriate function for parsing a JWT
-               and verifying its signature is used.</p>
+          <p>The following (good) example uses the appropriate function for parsing a JWT
+               and verifying its signature.</p>
           <sample src="MissingJwtSignatureCheckGood.go" />
      </example>
      <references>
diff --git a/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql b/go/ql/src/Security/CWE-347/MissingJwtSignatureCheck.ql
@@ -1,6 +1,6 @@
 /**
  * @name Missing JWT signature check
- * @description Failing to check the Json Web Token (JWT) signature may allow an attacker to forge their own tokens.
+ * @description Failing to check the JSON Web Token (JWT) signature may allow an attacker to forge their own tokens.
  * @kind path-problem
  * @problem.severity error
  * @security-severity 7.8
