fix: Update tests

Author: GeekMasher

ql/test/queries-tests/security/CWE-295/WebAppMissingClientCert/WebAppMissingClientCert.expected

@@ -1,4 +1,3 @@
 | app.bicep:18:1:26:1 | AppService[insecureWebApp] | Azure Web App with HTTPS enabled doesn't require client certificates for mutual TLS authentication. |
 | app.bicep:30:1:39:1 | AppService[partiallySecureWebApp] | Azure Web App with HTTPS enabled doesn't require client certificates for mutual TLS authentication. |
 | app.bicep:43:1:52:1 | AppService[explicitlyOptionalWebApp] | Azure Web App with HTTPS enabled doesn't require client certificates for mutual TLS authentication. |
-| app.bicep:56:1:65:1 | AppService[secureWebApp] | Azure Web App with HTTPS enabled doesn't require client certificates for mutual TLS authentication. |

ql/test/queries-tests/security/CWE-319/SitesWithoutHttpsOnly/SitesWithoutHttpsOnly.expected

@@ -1,2 +1,2 @@
 | app.bicep:17:1:27:1 | AppService[insecureWebApp] | Azure Web App is not configured with HTTPS-only mode, potentially allowing insecure HTTP connections. |
-| app.bicep:30:1:37:1 | AppService[explicitlyInsecureWebApp] | Azure Web App is not configured with HTTPS-only mode, potentially allowing insecure HTTP connections. |
+| app.bicep:43:1:53:1 | AppService[missingHttpsOnlyWebApp] | Azure Web App is not configured with HTTPS-only mode, potentially allowing insecure HTTP connections. |

ql/test/queries-tests/security/CWE-319/SitesWithoutHttpsOnly/app.bicep

@@ -22,18 +22,8 @@ resource insecureWebApp 'Microsoft.Web/sites@2022-03-01' = {
     siteConfig: {
       ftpsState: 'AllAllowed'  // Insecure: allows non-secure FTP
     }
+    httpsOnly: false  // Explicitly insecure: allows HTTP
   }
-  // Missing httpsOnly property or set to false
-}
-
-// Insecure: Web App with HTTPS Only explicitly set to false
-resource explicitlyInsecureWebApp 'Microsoft.Web/sites@2022-03-01' = {
-  name: 'explicitly-insecure-webapp'
-  location: location
-  properties: {
-    serverFarmId: appServicePlan.id
-  }
-  httpsOnly: false  // Explicitly insecure: allows HTTP
 }
 
 // Secure: Web App with HTTPS Only enabled
@@ -45,40 +35,19 @@ resource secureWebApp 'Microsoft.Web/sites@2022-03-01' = {
     siteConfig: {
       ftpsState: 'FtpsOnly'  // Secure: only allows FTPS
     }
+    httpsOnly: true  // Secure: enforces HTTPS
   }
-  httpsOnly: true  // Secure: enforces HTTPS
 }
 
-// Secure: Web App with HTTPS Only, client certs, and VNet integration
-resource highlySecureWebApp 'Microsoft.Web/sites@2022-03-01' = {
-  name: 'highly-secure-webapp'
+// Insecure: Web App with missing httpsOnly property
+resource missingHttpsOnlyWebApp 'Microsoft.Web/sites@2022-03-01' = {
+  name: 'missing-httpsonly-webapp'
   location: location
   properties: {
     serverFarmId: appServicePlan.id
-    virtualNetworkSubnetId: '/subscriptions/{sub}/resourceGroups/{rg}/providers/Microsoft.Network/virtualNetworks/{vnet}/subnets/{subnet}'
-    clientCertEnabled: true
-    clientCertMode: 'Required'
-    publicNetworkAccess: 'Disabled'
     siteConfig: {
-      ftpsState: 'Disabled'
-      minTlsVersion: '1.2'
-      remoteDebuggingEnabled: false
-      alwaysOn: true
-    }
-  }
-  httpsOnly: true
-}
-
-// Insecure: Web App with remote debugging enabled
-resource debuggableWebApp 'Microsoft.Web/sites@2022-03-01' = {
-  name: 'debuggable-webapp'
-  location: location
-  properties: {
-    serverFarmId: appServicePlan.id
-    siteConfig: {
-      remoteDebuggingEnabled: true  // Insecure: enables remote debugging
-      remoteDebuggingVersion: 'VS2019'
+      ftpsState: 'AllAllowed'  // Insecure: allows non-secure FTP
     }
+    // httpsOnly is not specified - defaults to false in Azure
   }
-  httpsOnly: true
 }