blacklanternsecurity
diff --git a/‎badsecrets/modules/express_signedcookies_es.py‎
Lines changed: 1 addition & 1 deletion b/‎badsecrets/modules/express_signedcookies_es.py‎
Lines changed: 1 addition & 1 deletion
@@ -24,7 +24,7 @@ class ExpressSignedCookies_ES(BadsecretsBase):
     }
 
     def carve_regex(self):
-        return re.compile(r"(s%3[Aa][^\.]+\.(?!.*%20|.*%22)[a-zA-Z0-9%]{20,90})")
+        return re.compile(r"(?<!http)(s%3[Aa][^.]+\.(?![^ ]*%20|[^ ]*%22)[a-zA-Z0-9%]{20,90})")
 
     def expressHMAC(self, payload, secret, hash_algorithm):
         return no_padding_urlsafe_base64_encode_es(
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ class ExpressSignedCookies_ES(BadsecretsBase):`
`24`	`24`	`}`
`25`	`25`
`26`	`26`	`def carve_regex(self):`
`27`		`- return re.compile(r"(s%3[Aa][^\.]+\.(?!.%20\|.%22)[a-zA-Z0-9%]{20,90})")`
	`27`	`+ return re.compile(r"(?<!http)(s%3[Aa][^.]+\.(?![^ ]%20\|[^ ]%22)[a-zA-Z0-9%]{20,90})")`
`28`	`28`
`29`	`29`	`def expressHMAC(self, payload, secret, hash_algorithm):`
`30`	`30`	`return no_padding_urlsafe_base64_encode_es(`