update qhelp phrasing

chanel-y · chanel-y · commit ae2d156e382d · 2026-01-30T10:07:41.000-08:00
diff --git a/powershell/ql/src/queries/security/cwe-829/DomainSquattingStatic.qhelp b/powershell/ql/src/queries/security/cwe-829/DomainSquattingStatic.qhelp
@@ -5,7 +5,7 @@
 <qhelp>
 
   <overview>
-    <p> Do not use domains like <code>*.outlook.us</code> and <code>*.office.us</code> are domains that are not owned by Microsoft, or deprecated domains such as <code>goo.gl</code>. 
+    <p> Do not use domains like <code>*.outlook.us</code> and <code>*.office.us</code>, as these are domains that are not owned by Microsoft. Also avoid using deprecated domains like <code>goo.gl</code>. 
     These domains are subject to domain squatting, which can introduce a security risk to services that trust them. </p>
 
     <p>In addition to the above, <code>ajax.microsoft.com</code> and <code>ajax.aspnetcdn.com</code> host old JavaScript or old CSS in a non-production CDN. This CDN has no SLA, and could disappear at any time. We recommend that you move your assets local or serve them from a fully supported production CDN, such as the <a href="https://eng.ms/docs/experiences-devices/global-experiences-platform/es365/idc-fundamentals-1js/1js-monorepo/1js-repo-docs/team-documentation/midgard/engineering-system/cdn">M365 Shared CDN (1CDN)</a>.</p>
