One of the advantages to using Compliance Sheriff is the ability to completely customize the tool to fit specific environmental or project needs. One of the first and most important tasks in doing so is to eliminate the false positives associated with scans. This approach will yield more real and manageable results, especially when using Privacy and Accessibility standard templates. This article will describe several ways to eliminate false positives within Compliance Sheriff. Result Revision WizardThe Result Revision Wizard is one of the easiest and quickest tools to use to edit your results prior to submitting a report to your content owners and stakeholders for review.
The first way to get to this tools directly from the Scan Summary page, by clicking on "Revise Results":From within this wizard you may first wanbt to use the "Apply Filter" option to filter this waizrd to show only those results that you wish to edit. For example, If I would like to change my "Failures" to passes for a given scan, I will check the box for "Failures", and make sure that all other boxes are unchecked like so:Next I'll Change any of these Failures to any other setting as desired, such as "Pass", and then click "Apply Filter" again. Since I'm looking at failures, all of my updated rules should no longer be visible. When done, hit either the "close" button, or the browser back button, and thats it!
All changes will be displayed within the scan summary in the bottom left corner like so:And Thats It! This tool will easily allow you to edit your results, however, you are doing just that, editing the results. Any changes made with this wizard will not change the outcome of future scans. So, while its easy to get to and use, these results are being editied for that report only.Export Results to CSVSometimes (especially when working with Privacy or Accessibility templates), you may have the need to edit the results of several, even dozens or hundreds of issues. While the Result Revision Wizard is easy to get to, you certainly don't want to have to accomplish this task one at a time. Fortunately, Compliance Sheriff has another method for editing results, you can export those results to a csv file and then edit those results in something like Excel!
The first way to export results is from under the "More Options" menu, found on the scans page, then by clicking "Quick Export Results":Quick Export Results will then prompt you to save the CSV file.
TIP -- Use the "SaveAs" feature and save it with a name that corresponds to the scan you are exporting. For example, I'll save mine as "CryptzoneProducts.csv".
This way you'll be able to easily identify the file when you import it back in!
Implementation of this setting will require physical access to the server if self hosted (hosted within your environment), or will require you to alert us through support if you are hosted by us. The one time procedure is as follows:
1. On the Compliance Sheriff server, locate the "HiScan.Config.xml" file located within the application directory, which by default is here:
2. Open the file using a text editor such as notepad.
3. Add the following key
<addkey="IgnoreScriptLinks" value="true" />
*** please enter the key exactly as its shown, it is case sensitive
4. save the file
Once this setting has been implemented, you'll see the following under "System Configuration":
Decorative Images are required to have an empty alt tag (alt=””).
Non-Decorative images must have an alt tag and a real description (alt=”Yellow Taxi Cab driving down 5th Avenue in NYC”).
- Click the "Settings" Tab.
- Click "User agents, variables & key attributes".
- Within the "User variables" window, scroll down to "DecorativeImageList".
- At the end of that row add the name of the image file, for example: /ComplanyLogo.jpg,/CompamyLogoSmall.jpg
- Click on Save
Next run a scan to see the updated changes:
Create Custom Checkpoint GroupsSometimes, especially when working with templates such as WCAG 2.0 A or PFI, you'll come across one specific checkpoint that occurs on every page. There are a couple of different ways to approach this as shown previously, however if you know this specific issue is a false positive (and you may want to include this rule with other scans in other projects), it may be best to create a custom checkpoint group specific to a project that you're working on. Creating a custom checkpoint group will allow you to focus on only those rules that may be important to you for that proiject. In other words, you may not necessarily need to apply an entire group such as WCAG 2.0 A. Compliance Sheriff makes it easy to create a custom group with only specific rules selected.You can apply this custom group to project or a specific set of scans, and leave the OOTB groups alone for future use. Here's how:
- Click on Scan Tab.
- Click on the name of the scan to edit the settings for that scan.
- *** Select the check box for "Retest All Pages".
- Click on "Save".
- Click on "Run” to start the scan.
1. Select the "Checkpoints" tab from the navigation menu on the left, then select the "Groups" subpage:
From here click "New" to create a new Group and give it a name (undeer "Short Description"). This name will show up in your "Available Checkpoint Group" List when you next create a scan:
From here you can "cherry pick" any rules you woul like in your custom group. You can sort by the "Module" drop down menu to find more checkpoints, and when your finshed just click "Save". You can always edit this checkpoint group later on if you wish to add or remove specific checkpoints. Custom goups are an easy way to ensure you are only applying those rules that are important to you for a specific project!Customize CheckpointsCompliance Sheriff is a "data Gathering" tool. And while we make it easy to scan your web content with some of the OOTB web standard templates such as WCAG 2.0 A or PII, essentially you can use this tool to scan for just about anytthing, as long as it can be identified as an element, or by one of it's attributes. One of the most powerful features in Compliance Sheriff is the ability to completely customize all of the rules (checkpoints). Not only are all of the checkpoints themselves visible within Compliance Sheriff, but you can also easily customize them as well, using the built in "Hints" :
Sometimes, editing a checkpoint may be as simple as changing the regex field. In the above photo for example, if I want to look for a specific numeric code, I can take the OOTB Social Sec checkpoint, and change the values in the fileds. Save to "custom" and Im done.
You can also edit things like the "Priority" level on the page, or the "URL for more information" , which is the "HowToFix" link in the rendered view.
Creating custom checkpoints can take a little practice, and is a topic worthy of its own article, but I will note that generally it's a "Trial and Error" proces. There are lots of great checkpoints that come out of the box, and usually eliminating a specific element from a specific rule is as easy as adding an if\else statement to the beginning of the rule. There are lots of examples of this type of code in many of the checkpoints that come OOTB.Tip
-- Always save your custom checpoints to the "Custom" module, then add the custom rule to any checkpoint group you wish to use.
To Summarize, this article described 5 different examples of how to Remove false Poitives from within Compliance Sheriff:Result Revision Wizard
--- edits results onlyQuick Export to csv
--- edits results onlyAdvanced export to csv
--- edits results onlyLink Check Exclude filter
--- will exclude links from the link validation checks as specified by this comma seperated listIgnore Script Links
--- This setting, once added, will allow you to "Ignore Script Links" from Link validation scnsDecorative Image List
--- This list tells Compliance Sheriff which images are "decorative, and so therefore will expect them to have an empty alt set (alt="")Create custom checkpoint groups
--- This is an easy way to select only those specific rules to apply to your contentCustom Checkpoints
--- You can always edit the code itself from within the "Checkpoints" page. Hints are provided as drop down menus, and most checkpoints are fully visible.