From 16af4272a5a35823d09e2312cff120d147e9a51e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20Zubcevic?= Date: Thu, 14 Jul 2022 09:11:06 +0200 Subject: [PATCH] joda time refactored some dep fix (#1292) --- pom.xml | 25 +++++++++++++++++++ .../webgoat/lessons/csrf/ForgedReviews.java | 17 ++++++------- .../lessons/xss/stored/StoredXssComments.java | 17 ++++++------- .../webgoat/lessons/xxe/CommentsCache.java | 15 ++++++----- 4 files changed, 48 insertions(+), 26 deletions(-) diff --git a/pom.xml b/pom.xml index d9e0f2e80..d9caf9678 100644 --- a/pom.xml +++ b/pom.xml @@ -149,6 +149,13 @@ + + + org.ow2.asm + asm + 9.1 + + org.apache.commons commons-exec @@ -230,6 +237,16 @@ webdrivermanager ${webdriver.version} + + org.apache.commons + commons-compress + 1.21 + + + org.jruby + jruby + 9.3.6.0 + @@ -632,6 +649,14 @@ + + org.apache.maven.plugins + maven-compiler-plugin + + 17 + 17 + + diff --git a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java index d91b906c5..b65691ac2 100644 --- a/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java +++ b/src/main/java/org/owasp/webgoat/lessons/csrf/ForgedReviews.java @@ -23,9 +23,6 @@ package org.owasp.webgoat.lessons.csrf; import com.google.common.collect.Lists; -import org.joda.time.DateTime; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AssignmentHints; import org.owasp.webgoat.container.assignments.AttackResult; @@ -38,6 +35,8 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import javax.servlet.http.HttpServletRequest; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; import java.util.ArrayList; import java.util.Collection; import java.util.HashMap; @@ -52,7 +51,7 @@ public class ForgedReviews extends AssignmentEndpoint { @Autowired private WebSession webSession; - private static DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss"); + private static DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss"); private static final Map> userReviews = new HashMap<>(); private static final List REVIEWS = new ArrayList<>(); @@ -60,10 +59,10 @@ public class ForgedReviews extends AssignmentEndpoint { static { - REVIEWS.add(new Review("secUriTy", DateTime.now().toString(fmt), "This is like swiss cheese", 0)); - REVIEWS.add(new Review("webgoat", DateTime.now().toString(fmt), "It works, sorta", 2)); - REVIEWS.add(new Review("guest", DateTime.now().toString(fmt), "Best, App, Ever", 5)); - REVIEWS.add(new Review("guest", DateTime.now().toString(fmt), "This app is so insecure, I didn't even post this review, can you pull that off too?", 1)); + REVIEWS.add(new Review("secUriTy", LocalDateTime.now().format(fmt), "This is like swiss cheese", 0)); + REVIEWS.add(new Review("webgoat", LocalDateTime.now().format(fmt), "It works, sorta", 2)); + REVIEWS.add(new Review("guest", LocalDateTime.now().format(fmt), "Best, App, Ever", 5)); + REVIEWS.add(new Review("guest", LocalDateTime.now().format(fmt), "This app is so insecure, I didn't even post this review, can you pull that off too?", 1)); } @GetMapping(path = "/csrf/review", produces = MediaType.APPLICATION_JSON_VALUE, consumes = ALL_VALUE) @@ -89,7 +88,7 @@ public class ForgedReviews extends AssignmentEndpoint { Review review = new Review(); review.setText(reviewText); - review.setDateTime(DateTime.now().toString(fmt)); + review.setDateTime(LocalDateTime.now().format(fmt)); review.setUser(webSession.getUserName()); review.setStars(stars); var reviews = userReviews.getOrDefault(webSession.getUserName(), new ArrayList<>()); diff --git a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java index 36e1bdc44..b82a87231 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java +++ b/src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredXssComments.java @@ -24,9 +24,6 @@ package org.owasp.webgoat.lessons.xss.stored; import com.fasterxml.jackson.databind.ObjectMapper; import com.google.common.collect.Lists; -import org.joda.time.DateTime; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; import org.owasp.webgoat.container.assignments.AssignmentEndpoint; import org.owasp.webgoat.container.assignments.AttackResult; import org.owasp.webgoat.container.session.WebSession; @@ -40,6 +37,8 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import java.io.IOException; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; import java.util.ArrayList; import java.util.Collection; import java.util.Collections; @@ -55,7 +54,7 @@ public class StoredXssComments extends AssignmentEndpoint { @Autowired private WebSession webSession; - private static DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss"); + private static DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss"); private static final Map> userComments = new HashMap<>(); private static final List comments = new ArrayList<>(); @@ -63,10 +62,10 @@ public class StoredXssComments extends AssignmentEndpoint { static { - comments.add(new Comment("secUriTy", DateTime.now().toString(fmt), "Comment for Unit Testing")); - comments.add(new Comment("webgoat", DateTime.now().toString(fmt), "This comment is safe")); - comments.add(new Comment("guest", DateTime.now().toString(fmt), "This one is safe too.")); - comments.add(new Comment("guest", DateTime.now().toString(fmt), "Can you post a comment, calling webgoat.customjs.phoneHome() ?")); + comments.add(new Comment("secUriTy", LocalDateTime.now().format(fmt), "Comment for Unit Testing")); + comments.add(new Comment("webgoat", LocalDateTime.now().format(fmt), "This comment is safe")); + comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "This one is safe too.")); + comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "Can you post a comment, calling webgoat.customjs.phoneHome() ?")); } //TODO This assignment seems not to be in use in the UI @@ -90,7 +89,7 @@ public class StoredXssComments extends AssignmentEndpoint { Comment comment = parseJson(commentStr); List comments = userComments.getOrDefault(webSession.getUserName(), new ArrayList<>()); - comment.setDateTime(DateTime.now().toString(fmt)); + comment.setDateTime(LocalDateTime.now().format(fmt)); comment.setUser(webSession.getUserName()); comments.add(comment); diff --git a/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java b/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java index 6c7ff32b4..f020228cd 100644 --- a/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java +++ b/src/main/java/org/owasp/webgoat/lessons/xxe/CommentsCache.java @@ -23,9 +23,6 @@ package org.owasp.webgoat.lessons.xxe; import com.fasterxml.jackson.databind.ObjectMapper; -import org.joda.time.DateTime; -import org.joda.time.format.DateTimeFormat; -import org.joda.time.format.DateTimeFormatter; import org.owasp.webgoat.container.session.WebSession; import org.owasp.webgoat.container.users.WebGoatUser; import org.springframework.context.annotation.Scope; @@ -38,6 +35,8 @@ import javax.xml.stream.XMLInputFactory; import javax.xml.stream.XMLStreamException; import java.io.IOException; import java.io.StringReader; +import java.time.LocalDateTime; +import java.time.format.DateTimeFormatter; import java.util.ArrayList; import java.util.Comparator; import java.util.HashMap; @@ -59,7 +58,7 @@ public class CommentsCache { private static final Comments comments = new Comments(); private static final Map userComments = new HashMap<>(); - private static final DateTimeFormatter fmt = DateTimeFormat.forPattern("yyyy-MM-dd, HH:mm:ss"); + private static final DateTimeFormatter fmt = DateTimeFormatter.ofPattern("yyyy-MM-dd, HH:mm:ss"); private final WebSession webSession; @@ -69,9 +68,9 @@ public class CommentsCache { } void initDefaultComments() { - comments.add(new Comment("webgoat", DateTime.now().toString(fmt), "Silly cat....")); - comments.add(new Comment("guest", DateTime.now().toString(fmt), "I think I will use this picture in one of my projects.")); - comments.add(new Comment("guest", DateTime.now().toString(fmt), "Lol!! :-).")); + comments.add(new Comment("webgoat", LocalDateTime.now().format(fmt), "Silly cat....")); + comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "I think I will use this picture in one of my projects.")); + comments.add(new Comment("guest", LocalDateTime.now().format(fmt), "Lol!! :-).")); } protected Comments getComments() { @@ -116,7 +115,7 @@ public class CommentsCache { } public void addComment(Comment comment, boolean visibleForAllUsers) { - comment.setDateTime(DateTime.now().toString(fmt)); + comment.setDateTime(LocalDateTime.now().format(fmt)); comment.setUser(webSession.getUserName()); if (visibleForAllUsers) { comments.add(comment);