
Commit 3efbbb3

Elaborate 'guess' to 'guess or determine'
1 parent df5fcc9 commit 3efbbb3

File tree

1 file changed

+2
-2
lines changed


csharp/ql/src/Security Features/CWE-639/InsecureDirectObjectReference.qhelp

Lines changed: 2 additions & 2 deletions
@@ -3,7 +3,7 @@
33
"qhelp.dtd">
44
<qhelp>
55
<overview>
6-
<p>Resources like comments or user profiles can be accessed and modified through an action method. To find a specific resource, the action method accepts an ID parameter that determines which resource to access. If the methods do not check that the current user is authorized to access the specified resource, an attacker can access a resource by guessing the ID parameter.</p>
6+
<p>Resources like comments or user profiles can be accessed and modified through an action method. To target a certain resource, the action method accepts an ID parameter pointing to that specific resource. If the methods do not check that the current user is authorized to access the specified resource, an attacker can access a resource by guessing or otherwise determining the linked ID parameter.</p>
77

88
</overview>
99
<recommendation>
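Review bot: the new wording on line 6, "guessing or otherwise determining the linked ID parameter", is inconsistent with the phrasing the same commit uses in the example section ("guess or determine the ID parameter"), and "linked" adds nothing here since the sentence already says the parameter points to the resource. Suggest aligning the overview with the example text, e.g. "an attacker can access a resource by guessing or otherwise determining the ID parameter", so the two descriptions of the weakness read the same.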
@@ -13,7 +13,7 @@ Ensure that the current user is authorized to access the resource of the provide
1313

1414
</recommendation>
1515
<example>
16-
<p>In the following example, in the "BAD" case, there is no authorization check, so any user can edit any comment for which they guess the ID parameter.
16+
<p>In the following example, in the "BAD" case, there is no authorization check, so any user can edit any comment for which they guess or determine the ID parameter.
1717
The "GOOD" case includes a check that the current user matches the author of the comment, preventing unauthorized access.</p>
1818
<sample src="WebFormsExample.cs" />
1919
<p>The following example shows a similar scenario for the ASP.NET Core framework. As above, the "BAD" case provides an example with no authorization check, and the first "GOOD" case provides an example with a check that the current user authored the specified comment. Additionally, in the second "GOOD" case, the `Authorize` attribute is used to restrict the method to administrators, who are expected to be able to access arbitrary resources.</p>
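Review bot: the change on line 16 reads well, but the sentence now spans a `<p>` that opens on line 16 and closes on line 17, so please confirm the rendered qhelp still shows "guess or determine the ID parameter." as one sentence rather than breaking at the line boundary. A nit on the unchanged context at line 19: qhelp is XML, so `Authorize` wrapped in backticks will render literally; `<code>Authorize</code>` is the form the other qhelp files use for identifiers.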
