Fixes in QLDocs and imports

atorralba · atorralba · commit 215118c7eac8 · 2021-05-06T09:18:49.000+02:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-643/XPathInjection.ql b/java/ql/src/experimental/Security/CWE/CWE-643/XPathInjection.ql
@@ -11,8 +11,9 @@
  */
 
 import java
-import semmle.code.java.dataflow.TaintTracking
 import DataFlow::PathGraph
+import semmle.code.java.dataflow.FlowSources
+import semmle.code.java.dataflow.TaintTracking
 import semmle.code.java.security.XPath
 
 class XPathInjectionConfiguration extends TaintTracking::Configuration {
diff --git a/java/ql/src/semmle/code/java/security/XPath.qll b/java/ql/src/semmle/code/java/security/XPath.qll
@@ -1,13 +1,12 @@
 /** Provides classes to reason about XPath vulnerabilities. */
 
 import java
-import semmle.code.java.dataflow.FlowSources
-import semmle.code.java.dataflow.TaintTracking
+import semmle.code.java.dataflow.DataFlow
 import semmle.code.java.dataflow.ExternalFlow
 
 /**
- *  A sink that represents a method that interprets XPath expressions.
- *  Extend this class to add your own XPath Injection sinks.
+ * A sink that represents a method that interprets XPath expressions.
+ * Extend this class to add your own XPath Injection sinks.
  */
 abstract class XPathInjectionSink extends DataFlow::Node { }
 
