Apply suggestion from code review

ggolawski · ggolawski · commit bbcfbd7a2825 · 2020-01-28T22:34:01.000+01:00
diff --git a/java/ql/src/Security/CWE/CWE-90/LdapInjection.qhelp b/java/ql/src/Security/CWE/CWE-90/LdapInjection.qhelp
@@ -11,10 +11,12 @@ is likely to be able to run malicious LDAP queries.</p>
 <recommendation>
 <p>If user input must be included in an LDAP query, it should be escaped to
 avoid a malicious user providing special characters that change the meaning
-of the query. If possible build the LDAP query (or search filter / DN) using your
-framework helper methods to avoid string concatenation, or escape user input
-using the right LDAP encoding method, for example encodeForLDAP from OWASP ESAPI,
-LdapEncoder from Spring LDAP or Filter.encodeValue from UnboundID library.</p>
+of the query. If possible build the LDAP query using framework helper methods, for example
+from Spring's <code>LdapQueryBuilder</code> and <code>LdapNameBuilder</code>,
+instead of string concatenation. Alternatively, escape user input using an appropriate
+LDAP encoding method, for example: <code>encodeForLDAP</code> or </code>encodeForDN</code>
+from OWASP ESAPI, <code>LdapEncoder.filterEncode</code> or <code>LdapEncoder.nameEncode</code>
+from Spring LDAP, or <code>Filter.encodeValue</code> from UnboundID library.</p>
 </recommendation>
 
 <example>
