Input from Review

p- · p- · commit 60d5ed9c79db · 2020-03-31T18:30:00.000+02:00
diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.qhelp b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.qhelp
@@ -23,12 +23,10 @@ is called on the URL, potentially leading to a local file access.</p>
 </example>
 
 <references>
-<ul>
 <li>Java Platform, Standard Edition 11, API Specification: 
 <a href="https://docs.oracle.com/en/java/javase/11/docs/api/java.base/java/net/URL.html">
 Class URL</a>.
 </li>
-</ul>
 <!--  LocalWords:  CWE -->
 </references>
 
diff --git a/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql b/java/ql/src/experimental/Security/CWE/CWE-036/OpenStream.ql
@@ -17,8 +17,8 @@ class URLConstructor extends ClassInstanceExpr {
   Expr stringArg() {
     // Query only in URL's that were constructed by calling the single parameter string constructor.
     this.getConstructor().getNumberOfParameters() = 1 and
-    this.getConstructor().getParameter(0).getType() instanceof TypeString
-    and result = this.getArgument(0)
+    this.getConstructor().getParameter(0).getType() instanceof TypeString and
+    result = this.getArgument(0)
   }
 }
 

Original file line number	Diff line number	Diff line change
`@@ -17,8 +17,8 @@ class URLConstructor extends ClassInstanceExpr {`
`17`	`17`	`Expr stringArg() {`
`18`	`18`	`// Query only in URL's that were constructed by calling the single parameter string constructor.`
`19`	`19`	`this.getConstructor().getNumberOfParameters() = 1 and`
`20`		`- this.getConstructor().getParameter(0).getType() instanceof TypeString`
`21`		`- and result = this.getArgument(0)`
	`20`	`+ this.getConstructor().getParameter(0).getType() instanceof TypeString and`
	`21`	`+ result = this.getArgument(0)`
`22`	`22`	`}`
`23`	`23`	`}`
`24`	`24`