noticed a config in others which I did not see here and not ally aware. Add this to your configuration
} from-zone untrust to-zone DMZ-trust { policy INTERNET-TO-DMZ { match { source-address any; destination-address WebServer; application HTTP; } then { permit destination-address