ci: remove OWASP ZAP workflow and security rules file

Author: Som3a99

.github/workflows/owasp-zap.yml

@@ -149,11 +149,9 @@ public static async Task Main(string[] args)
             builder.Services.AddAntiforgery(options =>
             {
                 options.HeaderName = "X-CSRF-TOKEN";
-                // Use HTTPS only in production; allow HTTP in development/testing
+                // Use HTTPS only in production; allow HTTP in development
                 options.Cookie.HttpOnly = true;
-                options.Cookie.SecurePolicy = builder.Environment.IsProduction()
-                    ? CookieSecurePolicy.Always
-                    : CookieSecurePolicy.SameAsRequest;
+                options.Cookie.SecurePolicy = CookieSecurePolicy.Always;
                 options.Cookie.SameSite = SameSiteMode.Strict;
             });
 
@@ -267,9 +265,7 @@ public static async Task Main(string[] args)
             builder.Services.ConfigureApplicationCookie(options =>
             {
                 options.Cookie.HttpOnly = true; // Prevent XSS access to cookie
-                options.Cookie.SecurePolicy = builder.Environment.IsProduction()
-                    ? CookieSecurePolicy.Always
-                    : CookieSecurePolicy.SameAsRequest;
+                options.Cookie.SecurePolicy = CookieSecurePolicy.Always; // HTTPS only
                 options.Cookie.SameSite = SameSiteMode.Strict; // Prevent CSRF
                 options.ExpireTimeSpan = TimeSpan.FromMinutes(30); // Session timeout
                 options.SlidingExpiration = true; // Extend on activity
@@ -434,7 +430,10 @@ public static async Task Main(string[] args)
                 pattern: "{controller=Home}/{action=Index}/{id?}");
             #endregion
 
-            await ApplyDatabaseMigrationsAndSeedAsync(app);
+            if (!app.Environment.IsEnvironment("Testing"))
+            {
+                await ApplyDatabaseMigrationsAndSeedAsync(app);
+            }
 
             app.Run();
         }