Adjust id tag and fix ending line error

luchua-bc · luchua-bc · commit deabfe6e5cba · 2020-06-23T12:24:03.000Z
diff --git a/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql b/java/ql/src/experimental/Security/CWE/CWE-273/UnsafeCertTrust.ql
@@ -1,8 +1,8 @@
 /**
- * @id java/unsafe-cert-trust
  * @name Unsafe implementation of trusting any certificate or missing hostname verification in SSL configuration
  * @description Unsafe implementation of the interface X509TrustManager, HostnameVerifier, and SSLSocket/SSLEngine ignores all SSL certificate validation errors when establishing an HTTPS connection, thereby making the app vulnerable to man-in-the-middle attacks.
  * @kind problem
+ * @id java/unsafe-cert-trust
  * @tags security
  *       external/cwe-273
  */
@@ -225,4 +225,5 @@ where
   aa instanceof X509TrustAllManagerInit or
   aa instanceof SSLEndpointIdentificationNotSet or
   aa instanceof RabbitMQEnableHostnameVerificationNotSet
-select aa, "Unsafe configuration of trusted certificates"
+select aa, "Unsafe configuration of trusted certificates"
+
