Apply suggestions from code review - doc improvements, simplification

joefarebrother · atorralba · joefarebrother · commit a6a500ade232 · 2022-09-21T13:57:31.000+01:00
Co-authored-by: Tony Torralba &lt;atorralba@users.noreply.github.com&gt;
diff --git a/java/ql/lib/semmle/code/java/security/WebviewDubuggingEnabledQuery.qll b/java/ql/lib/semmle/code/java/security/WebviewDubuggingEnabledQuery.qll
@@ -8,11 +8,7 @@ import semmle.code.java.security.SecurityTests
 /** Holds if `ex` looks like a check that this is a debug build. */
 private predicate isDebugCheck(Expr ex) {
   exists(Expr subex, string debug |
-    (
-      debug.toLowerCase().matches("%debug%")
-      or
-      debug.toLowerCase().matches("%test%")
-    ) and
+    debug.toLowerCase().matches(["%debug%", "%test%"]) and
     subex.getParent*() = ex
   |
     subex.(VarAccess).getVariable().getName() = debug
diff --git a/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.qhelp b/java/ql/src/Security/CWE/CWE-489/WebviewDebuggingEnabled.qhelp
@@ -6,18 +6,18 @@
 <overview>
 <p>The <code>WebView.setWebContentsDebuggingEnabled</code> method enables or disables the contents of any <code>WebView</code> in the application to be debugged.</p>
 
-<p>Enabling debugging featues could allow for additional entry points or leaking sensitive information. 
-As such, debugging should only be anabled during development, and disabled during production builds.</p>
+<p>Enabling debugging features could allow for additional entry points or leaking sensitive information. 
+As such, debugging should only be enabled during development, and disabled in production builds.</p>
 </overview>
 <recommendation>
-<p>Ensure that debugging features are not enabled during production builds. 
+<p>Ensure that debugging features are not enabled in production builds. 
 If <code>WebView.setWebContentsDebuggingEnabled(true)</code> is used, ensure that it is guarded by a flag indicating that this is a debug build.</p>
 
 </recommendation>
 <example>
 
-<p>In the code below, the BAD case shows debugging always being enabled, 
-whereas the GOOD case only enables debugging if the <code>android:debuggable</code> attribute is set to <code>true</code>.</p>
+<p>In the code below, the BAD case shows WebView debugging always being enabled, 
+whereas the GOOD case only enables it if the <code>android:debuggable</code> attribute is set to <code>true</code>.</p>
 
 <sample src="WebviewDebuggingEnabled.java" />
 
