C++: Address review comment.

cpp/ql/src/Security/CWE/CWE-319/UseOfHttp.ql

@@ -35,8 +35,9 @@ class HttpStringLiteral extends StringLiteral {
     exists(string s | this.getValue() = s |
       s = "http"
       or
-      s.matches("http://%") and
-      not s.substring(7, s.length()) instanceof PrivateHostName and
+      exists(string tail |
+        tail = s.regexpCapture("http://(.*)", 1) and not tail instanceof PrivateHostName
+      ) and
       not TaintTracking::localExprTaint(any(StringLiteral p |
           p.getValue() instanceof PrivateHostName
         ), this.getParent*())