diff --git a/src/ruleset.ts b/src/ruleset.ts index 8e56082..b167d72 100644 --- a/src/ruleset.ts +++ b/src/ruleset.ts @@ -717,7 +717,7 @@ export default { "Using external resource based on user input for webhooks, file fetching from URLs, custom SSO, URL previews, or redirects, can lead to a wide variety of security issues.\n\nLearn more about Server Side Request Forgery here: https://owasp.org/API-Security/editions/2023/en/0xa7-server-side-request-forgery/", severity: DiagnosticSeverity.Information, given: - '$.paths..parameters[*][?(@property === "name" && (@ === "callback" || @ === "redirect" || @.match(/(_url|Url|-url)$/)))]^', + '$.paths..parameters[*][?(@property === "name" && (@ === "callback" || @ === "redirect" || @.toString().match(/(_url|Url|-url)$/)))]^', then: { function: undefined, },