zydronium/manage.get.gov
1
0
Fork 0
mirror of https://github.com/cisagov/manage.get.gov.git synced 2025-08-04 00:42:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

Update zap for false positives

Browse source
This commit is contained in:
Rebecca Hsieh 2023-08-15 11:33:17 -07:00
parent 6faa21168a
commit 18b34af9da
No known key found for this signature in database
GPG key ID: 644527A2F375A379
1 changed files with 2 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/zap.conf
View file

@ -30,6 +30,8 @@
# UNCLEAR WHY THIS ONE IS FAILING. Giving 404 error.
10027 OUTOFSCOPE http://app:8080/public/js/uswds-init.min.js
# get-gov.js contains suspicious word "from" as in `Array.from()`
10027 OUTOFSCOPE http://app:8080/public/src/registrar/templates/home.html
# Contains suspicious word "TODO" which isn't that suspicious
10027 OUTOFSCOPE http://app:8080/public/js/get-gov.js
10028 FAIL (Open Redirect - Passive/beta)
10029 FAIL (Cookie Poisoning - Passive/beta)