csrf7 test cases added

Rene Zubcevic 2019-10-14 06:40:42 +02:00 committed by Nanne Baars
parent e932253f06
commit 00873cfe3f
2 changed files with 14 additions and 8 deletions


@ -47,11 +47,13 @@ public class CSRFTest extends IntegrationTest {
uploadTrickHtml("csrf3.html", trickHTML3.replace("WEBGOATURL", url("/csrf/basic-get-flag"))); uploadTrickHtml("csrf3.html", trickHTML3.replace("WEBGOATURL", url("/csrf/basic-get-flag")));
checkAssignment3(callTrickHtml("csrf3.html")); checkAssignment3(callTrickHtml("csrf3.html"));
//Assignment 4
uploadTrickHtml("csrf4.html", trickHTML4.replace("WEBGOATURL", url("/csrf/review"))); uploadTrickHtml("csrf4.html", trickHTML4.replace("WEBGOATURL", url("/csrf/review")));
checkAssignment4(callTrickHtml("csrf4.html")); checkAssignment4(callTrickHtml("csrf4.html"));
//Assignment 7
uploadTrickHtml("csrf7.html", trickHTML7.replace("WEBGOATURL", url("/csrf/feedback/message"))); uploadTrickHtml("csrf7.html", trickHTML7.replace("WEBGOATURL", url("/csrf/feedback/message")));
//checkAssignment7(callTrickHtml("csrf7.html")); checkAssignment7(callTrickHtml("csrf7.html"));
//checkResults("/csrf"); //checkResults("/csrf");
@ -135,18 +137,22 @@ public class CSRFTest extends IntegrationTest {
params.clear(); params.clear();
params.put("{\"name\":\"WebGoat\",\"email\":\"webgoat@webgoat.org\",\"content\":\"WebGoat is the best!!", "\"}"); params.put("{\"name\":\"WebGoat\",\"email\":\"webgoat@webgoat.org\",\"content\":\"WebGoat is the best!!", "\"}");
String result = RestAssured.given() String flag = RestAssured.given()
.when() .when()
.relaxedHTTPSValidation() .relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie()) .cookie("JSESSIONID", getWebGoatCookie())
.header("Referer", webWolfUrl("/files/fake.html")) .header("Referer", webWolfUrl("/files/fake.html"))
.formParams(params)
.log().all()
.contentType(ContentType.TEXT) .contentType(ContentType.TEXT)
.body("{\"name\":\"WebGoat\",\"email\":\"webgoat@webgoat.org\",\"content\":\"WebGoat is the best!!"+ "=\"}")
.post(goatURL) .post(goatURL)
.then() .then()
.log().all()
.extract().asString(); .extract().asString();
flag = flag.substring(9+flag.indexOf("flag is:"));
flag = flag.substring(0, flag.indexOf("\""));
params.clear();
params.put("confirmFlagVal", flag);
checkAssignment(url("/WebGoat/csrf/feedback"), params, true);
} }
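Review bot: The flag extraction on the two `flag = flag.substring(...)` lines in the second hunk fails unhelpfully when the endpoint does not return the expected text: if `"flag is:"` is absent, `indexOf` yields -1 and the first substring silently slices from offset 8, and the following `indexOf("\"")` then throws a bare StringIndexOutOfBoundsException instead of naming the real problem. A test should assert the marker is present before slicing and search for the closing quote from the marker onward, e.g. `int start = flag.indexOf("flag is:");` / `if (start < 0) throw new AssertionError("feedback response did not contain 'flag is:': " + flag);` / `flag = flag.substring(start + 9, flag.indexOf("\"", start));`. The literal `9` appears to be the marker length plus one separator character; a short comment saying so, or a named constant, would make the offset reviewable. The enclosing test method starts before this hunk, so the declaration of `params` and `goatURL` is not visible here.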


@ -68,7 +68,7 @@ public class CSRFFeedback extends AssignmentEndpoint {
} catch (IOException e) { } catch (IOException e) {
return failed().feedback(ExceptionUtils.getStackTrace(e)).build(); return failed().feedback(ExceptionUtils.getStackTrace(e)).build();
} }
boolean correctCSRF = requestContainsWebGoatCookie(request.getCookies()) && request.getContentType().equals(MediaType.TEXT_PLAIN_VALUE); boolean correctCSRF = requestContainsWebGoatCookie(request.getCookies()) && request.getContentType().contains(MediaType.TEXT_PLAIN_VALUE);
correctCSRF &= hostOrRefererDifferentHost(request); correctCSRF &= hostOrRefererDifferentHost(request);
if (correctCSRF) { if (correctCSRF) {
String flag = UUID.randomUUID().toString(); String flag = UUID.randomUUID().toString();
@ -89,8 +89,8 @@ public class CSRFFeedback extends AssignmentEndpoint {
} }
private boolean hostOrRefererDifferentHost(HttpServletRequest request) { private boolean hostOrRefererDifferentHost(HttpServletRequest request) {
String referer = request.getHeader("referer"); String referer = request.getHeader("Referer");
String host = request.getHeader("host"); String host = request.getHeader("Host");
if (referer != null) { if (referer != null) {
return !referer.contains(host); return !referer.contains(host);
} else { } else {