Rust: Clean up the .qhelp a little.

Author: geoffw0

rust/ql/src/queries/security/CWE-295/DisabledCertificateCheck.qhelp

@@ -5,13 +5,13 @@
 
 <overview>
 <p>
-In Rust, the <code>danger_accept_invalid_certs</code> and <code>danger_accept_invalid_hostnames</code> options on TLS connectors and HTTP clients control whether certificate and hostname verification are performed. If set to <code>true</code>, the client will accept any certificate and any host name, making it susceptible to man-in-the-middle attacks.
+The <code>danger_accept_invalid_certs</code> and <code>danger_accept_invalid_hostnames</code> options on TLS connectors and HTTP clients control whether certificate and hostname verification are performed. If set to <code>true</code>, the client will accept any certificate or any host name, making it susceptible to man-in-the-middle attacks.
 </p>
 </overview>
 
 <recommendation>
 <p>
-Do not set <code>danger_accept_invalid_certs</code> or <code>danger_accept_invalid_hostnames</code> to <code>true</code> except in tests or controlled environments. In production, always ensure certificate and hostname verification are enabled to prevent security risks.
+Do not set <code>danger_accept_invalid_certs</code> or <code>danger_accept_invalid_hostnames</code> to <code>true</code> except in controlled environments such as tests. In production, always ensure certificate and hostname verification are enabled to prevent security risks.
 </p>
 </recommendation>
 
@@ -21,7 +21,7 @@ The following code snippet shows a function that creates a TLS or HTTP client wi
 </p>
 <sample src="DisabledCertificateCheckBad.rs"/>
 <p>
-While this may be acceptable in a test, it should not be used in production code. Instead, always configure clients to verify certificates and hostnames:
+In production code, always configure clients to verify certificates and hostnames:
 </p>
 <sample src="DisabledCertificateCheckGood.rs"/>
 </example>