From 64d0312645d02e46e1e2b1fcada3a624f89afd5a Mon Sep 17 00:00:00 2001
From: Neil Martinsen-Burrell
Date: Tue, 4 Apr 2023 15:45:03 -0500
Subject: [PATCH] Fix OWASP false positive

---
 src/zap.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/zap.conf b/src/zap.conf
index ba0ef6a89..ad01388a7 100644
--- a/src/zap.conf
+++ b/src/zap.conf
@@ -51,6 +51,7 @@
 10038 OUTOFSCOPE http://app:8080/(robots.txt|sitemap.xml|TODO|edit/)
 10038 OUTOFSCOPE http://app:8080/users
 10038 OUTOFSCOPE http://app:8080/users/add
+10038 OUTOFSCOPE http://app:8080/delete
 # This URL always returns 404, so include it as well.
 10038 OUTOFSCOPE http://app:8080/todo
 # OIDC isn't configured in the test environment and DEBUG=True so this gives a 500 without CSP headers
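Review bot: The added `10038 OUTOFSCOPE http://app:8080/delete` entry does not say why the rule 10038 finding on that URL is a false positive, while the entries after it state theirs (always 404; a 500 without CSP headers). A comment above the new line, such as `# /delete: <why this response legitimately has no CSP header in the test environment>`, would let a later reader check that the exclusion is still valid. The pattern also has no end anchor. If the scan wrapper treats these values as regular expressions matched from the start of the URL, which I believe ZAP's packaged scan scripts do, the entry silences the rule for every path beginning with `/delete`, not just that one endpoint. In that case `http://app:8080/delete$` would limit the suppression to the intended URL, or to whatever suffix shape the route really takes.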