From c475bedf73c19a0a50f1ebe6d18053f49b6eb482 Mon Sep 17 00:00:00 2001 From: Napalys Klicius Date: Wed, 20 Aug 2025 12:58:54 +0200 Subject: [PATCH 1/2] CS: removed dead links from LDAPInjection qhelp --- csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp | 2 -- 1 file changed, 2 deletions(-) diff --git a/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp b/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp index 04f01720ce66..34e9bee18ba5 100644 --- a/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp +++ b/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp @@ -35,7 +35,5 @@ the query cannot be changed by a malicious user.

  • OWASP: LDAP Injection Prevention Cheat Sheet.
  • OWASP: Preventing LDAP Injection in Java.
  • -
  • AntiXSS doc: LdapFilterEncode.
  • -
  • AntiXSS doc: LdapDistinguishedNameEncode.
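Review bot: Removing the two AntiXSS entries leaves the recommendation without any pointer to the concrete .NET APIs it tells readers to use: the surviving text still says "use an existing library, such as the AntiXSS library" (visible as context in the second patch), so a reader now has no way to locate `LdapFilterEncode` or `LdapDistinguishedNameEncode`. If the original URLs are dead, consider replacing them with a working location for the AntiXSS documentation, or naming the two methods directly in the recommendation text rather than dropping them. The two entries also recorded a distinction worth keeping somewhere in the qhelp: search-filter values and distinguished-name components need different escaping, which is why the library exposes separate encoders for them.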
  • From 71a8e10f3d33f58f9bd53c4c6a7544ce3bb11298 Mon Sep 17 00:00:00 2001 From: Napalys Klicius Date: Wed, 20 Aug 2025 12:59:59 +0200 Subject: [PATCH 2/2] CS: added extra guidance in recommendation section for LDAPInjection --- csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp b/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp index 34e9bee18ba5..4af37eadfd76 100644 --- a/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp +++ b/csharp/ql/src/Security Features/CWE-090/LDAPInjection.qhelp @@ -12,7 +12,7 @@ is likely to be able to run malicious LDAP queries.

    If user input must be included in an LDAP query, it should be escaped to avoid a malicious user providing special characters that change the meaning of the query. If possible, use an existing library, such as the AntiXSS -library.

    +library. One may also make their own encoder filter `LdapEncode` following RFC 4515 standards.

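Review bot: The added sentence `One may also make their own encoder filter \`LdapEncode\` following RFC 4515 standards.` reads as an equal alternative to a vetted library, and `LdapEncode` is not an existing API, so a reader may go looking for it. Suggest phrasing it as a fallback and dropping the invented name, e.g. `If no such library is available, implement an escaping routine that follows RFC 4515 (see the references below).` Note also that RFC 4515 only defines the string form of search filters (its escaping rule replaces `*`, `(`, `)`, `\` and NUL with a backslash followed by two hex digits); it does not cover distinguished names, which the removed `LdapDistinguishedNameEncode` reference addressed, so the qhelp should state which of the two cases a home-grown encoder handles.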
    @@ -35,5 +35,6 @@ the query cannot be changed by a malicious user.

  • OWASP: LDAP Injection Prevention Cheat Sheet.
  • OWASP: Preventing LDAP Injection in Java.
  • +
  • RFC 4515: String Search Filter Definition.
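Review bot: The new reference title `RFC 4515: String Search Filter Definition` is not the RFC's title; the document is "Lightweight Directory Access Protocol (LDAP): String Representation of Search Filters", so the entry should use that wording so readers searching by title find the right document. With the AntiXSS entries removed in the first patch, the list now contains only OWASP and the RFC, so an entry for the library the recommendation names would round it out.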