Java: Fix typos/formatting in setJavascriptEnabled query

egregius313 · atorralba · web-flow · commit 7e5970f338ab · 2022-11-14T10:02:20.000-05:00
Typos and formatting changes.

Co-authored-by: Tony Torralba &lt;atorralba@users.noreply.github.com&gt;
diff --git a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.qhelp b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.qhelp
@@ -11,22 +11,22 @@ man-in-the-middle attack, where the attacker can inject arbitrary JavaScript.
 
 <p>
   You can enable or disbale Javascript execution using
-  the <code>setJavaScriptEnabled</code> method of the settings of a webview.
+  the <code>setJavaScriptEnabled</code> method of the settings of a WebView.
 </p>
   </overview>
 
   <recommendation>
-    <p>If Javascript does not need to be enabled, call <code>setJavaScriptEnabled(false)</code> on the settings of the webview.</p>
+    <p>If Javascript does not need to be enabled, call <code>setJavaScriptEnabled(false)</code> on the settings of the WebView.</p>
 
-    <p>If JavaScript is necessary, only load content from trusted servers using encrypted channels, such as https with certificate verification.</p>
+    <p>If JavaScript is necessary, only load content from trusted servers using encrypted channels, such as HTTPS with certificate verification.</p>
   </recommendation>
 
   <example>
-    <p>In the following (bad) example, a webview has JavaScript enabled in its settings.</p>
+    <p>In the following (bad) example, a WebView has JavaScript enabled in its settings.</p>
 
     <sample src="WebSettingsEnableJavascript.java"/>
 
-    <p>In the following (good) example, a webview explicitly disallows JavaScript execution.</p>
+    <p>In the following (good) example, a WebView explicitly disallows JavaScript execution.</p>
 
     <sample src="WebSettingsDisableJavascript.java"/>
 
diff --git a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql
@@ -15,8 +15,6 @@ import semmle.code.java.frameworks.android.WebView
 
 from MethodAccess ma
 where
-  (
-    ma.getMethod() instanceof AllowJavaScriptMethod and
-    ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true
-  )
+  ma.getMethod() instanceof AllowJavaScriptMethod and
+  ma.getArgument(0).(CompileTimeConstantExpr).getBooleanValue() = true
 select ma, "JavaScript execution enabled in WebView."
