Skip to content

Commit 0eb602a

Browse files
geoffw0geoffw0
committed
Rust: Update a redirected URL.
1 parent 4b281fd commit 0eb602a

File tree

1 file changed

+8
-8
lines changed

1 file changed

+8
-8
lines changed

rust/ql/src/queries/security/CWE-319/UseOfHttp.qhelp

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -6,21 +6,21 @@
66

77
<p>Constructing URLs with the HTTP protocol can lead to unsecured connections.</p>
88

9-
<p>Furthermore, constructing URLs with the HTTP protocol can create problems if other parts of the
10-
code expect HTTPS URLs. A typical pattern is to use libraries that expect secure connections,
9+
<p>Furthermore, constructing URLs with the HTTP protocol can create problems if other parts of the
10+
code expect HTTPS URLs. A typical pattern is to use libraries that expect secure connections,
1111
which may fail or fall back to insecure behavior when provided with HTTP URLs instead of HTTPS URLs.</p>
1212

1313
</overview>
1414
<recommendation>
1515

16-
<p>When you construct a URL for network requests, ensure that you use an HTTPS URL rather than an HTTP URL.
16+
<p>When you construct a URL for network requests, ensure that you use an HTTPS URL rather than an HTTP URL.
1717
Then, any connections that are made using that URL are secure SSL/TLS connections.</p>
1818

1919
</recommendation>
2020
<example>
2121

22-
<p>The following example shows two ways of making a network request using a URL. When the request is
23-
made using an HTTP URL rather than an HTTPS URL, the connection is unsecured and can be intercepted
22+
<p>The following example shows two ways of making a network request using a URL. When the request is
23+
made using an HTTP URL rather than an HTTPS URL, the connection is unsecured and can be intercepted
2424
by attackers. When the request is made using an HTTPS URL, the connection is a secure SSL/TLS connection.</p>
2525

2626
<sample src="UseOfHttpBad.rs" />
@@ -34,15 +34,15 @@ by attackers. When the request is made using an HTTPS URL, the connection is a s
3434

3535
<li>
3636
OWASP:
37-
<a href="https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Protection_Cheat_Sheet.html">Transport Layer Protection Cheat Sheet</a>.
37+
<a href="https://cheatsheetseries.owasp.org/cheatsheets/Transport_Layer_Security_Cheat_Sheet.html">Transport Layer Security Cheat Sheet</a>.
3838
</li>
3939
<li>
4040
OWASP Top 10:
4141
<a href="https://owasp.org/Top10/A08_2021-Software_and_Data_Integrity_Failures/">A08:2021 - Software and Data Integrity Failures</a>.
4242
</li>
43-
<li>Rust reqwest documentation:
43+
<li>Rust reqwest documentation:
4444
<a href="https://docs.rs/reqwest/">reqwest crate</a>.
4545
</li>
4646

4747
</references>
48-
</qhelp>
48+
</qhelp>

0 commit comments

Comments
 (0)