Reduce False Positives for HTTP detection Rule (#578)

* Exclude xmlnx:xsi * Fix typo in self-test * Update Changelog.md
2023-08-07 16:00:46 -07:00 · 2023-08-07 16:00:46 -07:00 · 7a4db567c1
--- a/Changelog.md
+++ b/Changelog.md
@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).

+## [1.0.17] - 2023-08-07
+### Rules
+Improve HTTP url detection rule to exclude more schema definitions.
+
 ## [1.0.16] - 2023-08-04
 ### Fixes
 Fixes an issue with loading settings in the Visual Studio extension.
--- a/rules/default/security/attack_surface/outbound_network.json
+++ b/rules/default/security/attack_surface/outbound_network.json
@ -57,6 +57,18 @@
                "negate_finding": true,
                "search_in": "finding-region(-1, 0)"
            },
+            {
+                "pattern" : 
+                {
+                    "pattern": "xmlns:xsi=",
+                    "type": "substring",
+                    "scopes": [
+                        "code"
+                    ]
+                },
+                "negate_finding": true,
+                "search_in": "finding-region(-1, 0)"
+            },
            {
                "pattern" :
                {
@ -123,7 +135,8 @@
            "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">",
            "https://",
            "this is \"https://foo.com\"",
-            "<SCRIPT SRC=\"//BLAH\"></SCRIPT>"
+            "<SCRIPT SRC=\"//BLAH\"></SCRIPT>",
+            "xmlns:xsi=\"http://www.w3.org/someschema/\""
        ]
    }
 ]