Update docs/Secure-Coding-Guide-for-Python/CWE-707/CWE-89/README.md

myteron · gkunz · web-flow · commit 888b4c8e9fae · 2024-12-02T17:30:11.000Z
Co-authored-by: Georg Kunz &lt;georg.kunz@ericsson.com&gt;
Signed-off-by: myteron &lt;myteron@gmail.com&gt;
diff --git a/docs/Secure-Coding-Guide-for-Python/CWE-707/CWE-89/README.md b/docs/Secure-Coding-Guide-for-Python/CWE-707/CWE-89/README.md
@@ -170,7 +170,7 @@ The `compliant01.py` code example is using `sqlite3.cursor.execute(get_values, d
 
 * Is limited to a single-line query to protect against multi-line attacks.
 
-The `compliant01.py` code is also providing variable type hints in its methods such as `name: str`. The `add_student` method is now storing the whole length of the string `"Robert'); DROP TABLE students;--"`.Input sanitation as described in separate rules would have to be added.
+The `compliant01.py` code is also providing variable type hints in its methods such as `name: str`. The `add_student` method is now storing the whole length of the string `"Robert'); DROP TABLE students;--"`. Input sanitation as described in separate rules would have to be added.
 
 >[!NOTE]
 >

Original file line number	Diff line number	Diff line change
@@ -170,7 +170,7 @@ The `compliant01.py` code example is using `sqlite3.cursor.execute(get_values, d
`170`	`170`
`171`	`171`	`* Is limited to a single-line query to protect against multi-line attacks.`
`172`	`172`
`173`		-The `compliant01.py` code is also providing variable type hints in its methods such as `name: str`. The `add_student` method is now storing the whole length of the string `"Robert'); DROP TABLE students;--"`.Input sanitation as described in separate rules would have to be added.
	`173`	+The `compliant01.py` code is also providing variable type hints in its methods such as `name: str`. The `add_student` method is now storing the whole length of the string `"Robert'); DROP TABLE students;--"`. Input sanitation as described in separate rules would have to be added.
`174`	`174`
`175`	`175`	`>[!NOTE]`
`176`	`176`	`>`