Do not detect HttpDelete or HttpPut

What does this MR do?

This code is detected as vulnerable by Semgrep C# analyzer.

[HttpPost]
public void Post() {}

However, this code is not detected.

[HttpDelete]
public void Delete() {}

A list of HTTP methods to be detected.

• HttpPost
• HttpDelete
• HttpPatch
• HttpPut

resources.

• CsrfHttpMethodController.cs - Sample ASP.NET Core Controller.
• original.json - GitLab version semgrep analyzer report.
• modified-rules.json - Semgrep analyzer report with modified rules.

What are the relevant issue numbers?

Does this MR meet the acceptance criteria?

• Changelog entry added
• Documentation created/updated for GitLab EE, if necessary
• Documentation created/updated for this project, if necessary
• Documentation reviewed by technical writer or follow-up review issue created
• Tests added for this feature/bug
• Job definition updated, if necessary
  • Auto-DevOps template
  • Job definition example
  • CI Templates
• Conforms to the code review guidelines
• Conforms to the Go guidelines
• Security reports checked/validated by reviewer