From e674d7fc302b9562a076ab120b3828351d64d1da Mon Sep 17 00:00:00 2001
From: Jeroen Willemsen
Date: Fri, 12 Apr 2024 20:28:19 +0200
Subject: [PATCH 1/2] Initial zap fix test
---
 .github/workflows/dast-zap-test.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/dast-zap-test.yml b/.github/workflows/dast-zap-test.yml
index ad479a73b..34aff5d07 100644
--- a/.github/workflows/dast-zap-test.yml
+++ b/.github/workflows/dast-zap-test.yml
@@ -30,8 +30,8 @@ jobs:
 ZAP_AUTH_HEADER: "Authorization"
 with:
 allow_issue_writing: false
- docker_name: "owasp/zap2docker-stable"
+ docker_name: "ghcr.io/zaproxy/zaproxy:stable"
 target: "http://localhost:8080"
 rules_file_name: config/zap/rule-config.tsv
 fail_action: true
- cmd_options: '-z "-configFile /zap/wrk/config/zap/options.prop"'
+ cmd_options: '-z "-configFile /zap/wrk/config/zap/options.prop" -a'
From bf03ef78eeda6f7f823efaa206d583973341e131 Mon Sep 17 00:00:00 2001
From: Jeroen Willemsen
Date: Fri, 12 Apr 2024 20:36:13 +0200
Subject: [PATCH 2/2] Fix for #1314
---
 config/zap/rule-config.tsv | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/config/zap/rule-config.tsv b/config/zap/rule-config.tsv
index 33c04284a..cf7adca94 100644
--- a/config/zap/rule-config.tsv
+++ b/config/zap/rule-config.tsv
@@ -13,3 +13,5 @@
 10112 IGNORE Session Management Response Identified
 10105 IGNORE Authentication Credentials Captured
 90003 IGNORE Sub Resource Integrity Attribute Missing
+10094 IGNORE Base64 Disclosure
+90005 IGNORE Sec-Fetch-Dest Header is Missing
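Review bot: The new `docker_name` value follows the floating `:stable` tag, so the scanner image this job pulls can change between runs without any change to the workflow. Pinning it by digest, for example `docker_name: "ghcr.io/zaproxy/zaproxy:stable@sha256:<digest-placeholder>"`, would make scan results reproducible and turn an image update into a reviewable commit; confirm first that the action accepts a digest reference. The `-a` added to `cmd_options` appears to enable ZAP's alpha-quality scan rules, and with `fail_action: true` any new alert from them fails the job, so a comment above that line such as `# -a: include alpha scan rules; known noise is suppressed in config/zap/rule-config.tsv` would explain the flag. The step these keys belong to starts above the hunk, so the action being invoked is not visible here.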
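Review bot: The two new `IGNORE` rows for 10094 and 90005 carry no reason, and a rule-level `IGNORE` drops those alerts for every URL the scan reaches, so a later reader cannot tell a reviewed decision from noise suppression after the first patch in this series added `-a`. If the rules-file loader skips lines starting with `#` (ZAP's generated rule files begin with such comment lines; confirm for the image version in use), add one above the rows, for example `# 10094, 90005: ignored for #1314 - <reason-placeholder>`. If these findings are only expected on specific paths, a narrower suppression than a global rule-level `IGNORE` would keep both rules active for the rest of the target.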