diff --git a/pom.xml b/pom.xml
index d9e0f2e80..d9caf9678 100644
--- a/pom.xml
+++ b/pom.xml
@@ -149,6 +149,13 @@
+
+
+ org.ow2.asm
+ asm
+ 9.1
+
+
org.apache.commons
commons-exec
@@ -230,6 +237,16 @@
webdrivermanager
${webdriver.version}
+
+ org.apache.commons
+ commons-compress
+ 1.21
+
+
+ org.jruby
+ jruby
+ 9.3.6.0
+
@@ -632,6 +649,14 @@
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+
+ 17
+ 17
+
+
diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java
index d91b906c5..b65691ac2 100644
--- a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java
+++ b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java
@@ -23,9 +23,6 @@
package org.owasp.webgoat.lessons.csrf;
import com.google.common.collect.Lists;
-import org.joda.time.DateTime;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AssignmentHints;
import org.owasp.webgoat.container.assignments.AttackResult;
@@ -38,6 +35,8 @@ import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -52,7 +51,7 @@ public class ForgedReviews extends AssignmentEndpoint {
@Autowired
private WebSession webSession;
- private static DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss");
+ private static DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss");
private static final Map> userReviews = new HashMap<>();
private static final List REVIEWS = new ArrayList<>();
@@ -60,10 +59,10 @@ public class ForgedReviews extends AssignmentEndpoint {
static {
- REVIEWS.add(new Review("secUriTy", DateTime.now().toString(fmt), "This is like swiss cheese", 0));
- REVIEWS.add(new Review("webgoat", DateTime.now().toString(fmt), "It works, sorta", 2));
- REVIEWS.add(new Review("guest", DateTime.now().toString(fmt), "Best, App, Ever", 5));
- REVIEWS.add(new Review("guest", DateTime.now().toString(fmt), "This app is so insecure, I didn't even post this review, can you pull that off too?", 1));
+ REVIEWS.add(new Review("secUriTy", LocalDateTime.now().format(fmt), "This is like swiss cheese", 0));
+ REVIEWS.add(new Review("webgoat", LocalDateTime.now().format(fmt), "It works, sorta", 2));
+ REVIEWS.add(new Review("guest", LocalDateTime.now().format(fmt), "Best, App, Ever", 5));
+ REVIEWS.add(new Review("guest", LocalDateTime.now().format(fmt), "This app is so insecure, I didn't even post this review, can you pull that off too?", 1));
}
@GetMapping(path = "/csrf/review", produces = MediaType.APPLICATION_JSON_VALUE, consumes = ALL_VALUE)
@@ -89,7 +88,7 @@ public class ForgedReviews extends AssignmentEndpoint {
Review review = new Review();
review.setText(reviewText);
- review.setDateTime(DateTime.now().toString(fmt));
+ review.setDateTime(LocalDateTime.now().format(fmt));
review.setUser(webSession.getUserName());
review.setStars(stars);
var reviews = userReviews.getOrDefault(webSession.getUserName(), new ArrayList<>());
diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java
index 36e1bdc44..b82a87231 100644
--- a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java
+++ b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java
@@ -24,9 +24,6 @@ package org.owasp.webgoat.lessons.xss.stored;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Lists;
-import org.joda.time.DateTime;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
import org.owasp.webgoat.container.assignments.AssignmentEndpoint;
import org.owasp.webgoat.container.assignments.AttackResult;
import org.owasp.webgoat.container.session.WebSession;
@@ -40,6 +37,8 @@ import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import java.io.IOException;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
@@ -55,7 +54,7 @@ public class StoredXssComments extends AssignmentEndpoint {
@Autowired
private WebSession webSession;
- private static DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss");
+ private static DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss");
private static final Map> userComments = new HashMap<>();
private static final List comments = new ArrayList<>();
@@ -63,10 +62,10 @@ public class StoredXssComments extends AssignmentEndpoint {
static {
- comments.add(new Comment("secUriTy", DateTime.now().toString(fmt), "Comment for Unit Testing"));
- comments.add(new Comment("webgoat", DateTime.now().toString(fmt), "This comment is safe"));
- comments.add(new Comment("guest", DateTime.now().toString(fmt), "This one is safe too."));
- comments.add(new Comment("guest", DateTime.now().toString(fmt), "Can you post a comment, calling webgoat.customjs.phoneHome() ?"));
+ comments.add(new Comment("secUriTy", LocalDateTime.now().format(fmt), "Comment for Unit Testing"));
+ comments.add(new Comment("webgoat", LocalDateTime.now().format(fmt), "This comment is safe"));
+ comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "This one is safe too."));
+ comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "Can you post a comment, calling webgoat.customjs.phoneHome() ?"));
}
//TODO This assignment seems not to be in use in the UI
@@ -90,7 +89,7 @@ public class StoredXssComments extends AssignmentEndpoint {
Comment comment = parseJson(commentStr);
List comments = userComments.getOrDefault(webSession.getUserName(), new ArrayList<>());
- comment.setDateTime(DateTime.now().toString(fmt));
+ comment.setDateTime(LocalDateTime.now().format(fmt));
comment.setUser(webSession.getUserName());
comments.add(comment);
diff --git a/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java b/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java
index 6c7ff32b4..f020228cd 100644
--- a/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java
+++ b/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java
@@ -23,9 +23,6 @@
package org.owasp.webgoat.lessons.xxe;
import com.fasterxml.jackson.databind.ObjectMapper;
-import org.joda.time.DateTime;
-import org.joda.time.format.DateTimeFormat;
-import org.joda.time.format.DateTimeFormatter;
import org.owasp.webgoat.container.session.WebSession;
import org.owasp.webgoat.container.users.WebGoatUser;
import org.springframework.context.annotation.Scope;
@@ -38,6 +35,8 @@ import javax.xml.stream.XMLInputFactory;
import javax.xml.stream.XMLStreamException;
import java.io.IOException;
import java.io.StringReader;
+import java.time.LocalDateTime;
+import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Comparator;
import java.util.HashMap;
@@ -59,7 +58,7 @@ public class CommentsCache {
private static final Comments comments = new Comments();
private static final Map userComments = new HashMap<>();
- private static final DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss");
+ private static final DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss");
private final WebSession webSession;
@@ -69,9 +68,9 @@ public class CommentsCache {
}
void initDefaultComments() {
- comments.add(new Comment("webgoat", DateTime.now().toString(fmt), "Silly cat...."));
- comments.add(new Comment("guest", DateTime.now().toString(fmt), "I think I will use this picture in one of my projects."));
- comments.add(new Comment("guest", DateTime.now().toString(fmt), "Lol!! :-)."));
+ comments.add(new Comment("webgoat", LocalDateTime.now().format(fmt), "Silly cat...."));
+ comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "I think I will use this picture in one of my projects."));
+ comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "Lol!! :-)."));
}
protected Comments getComments() {
@@ -116,7 +115,7 @@ public class CommentsCache {
}
public void addComment(Comment comment, boolean visibleForAllUsers) {
- comment.setDateTime(DateTime.now().toString(fmt));
+ comment.setDateTime(LocalDateTime.now().format(fmt));
comment.setUser(webSession.getUserName());
if (visibleForAllUsers) {
comments.add(comment);