dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

cleaned logs and changed username length for csrf-uuid

Browse Source
This commit is contained in:
Rene Zubcevic 2019-10-14 21:49:44 +02:00 committed by Nanne Baars
parent 6dc679e7b8
commit 1f00d461a8
2 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-container/src/main/java/org/owasp/webgoat/users/UserForm.java
View File

@ -16,7 +16,7 @@ import javax.validation.constraints.Size;
public class UserForm { public class UserForm {
@NotNull @NotNull
@Size(min=6, max=40) @Size(min=6, max=45)
@Pattern(regexp = "[a-z0-9-]*", message = "can only contain lowercase letters, digits, and -") @Pattern(regexp = "[a-z0-9-]*", message = "can only contain lowercase letters, digits, and -")
private String username; private String username;
@NotNull @NotNull

5
webgoat-integration-tests/src/test/java/org/owasp/webgoat/CSRFTest.java
View File

@ -186,9 +186,8 @@ public class CSRFTest extends IntegrationTest {
.cookie("JSESSIONID", getWebGoatCookie()) .cookie("JSESSIONID", getWebGoatCookie())
.header("Referer", webWolfUrl("/files/fake.html")) .header("Referer", webWolfUrl("/files/fake.html"))
.params(params) .params(params)
.log().all()
.post(goatURL) .post(goatURL)
.then().log().all() .then()
.extract().cookie("JSESSIONID"); .extract().cookie("JSESSIONID");
//select the lesson //select the lesson
@ -205,10 +204,8 @@ public class CSRFTest extends IntegrationTest {
.when() .when()
.relaxedHTTPSValidation() .relaxedHTTPSValidation()
.cookie("JSESSIONID", newCookie) .cookie("JSESSIONID", newCookie)
.log().all()
.post(url("/csrf/login")) .post(url("/csrf/login"))
.then() .then()
.log().all()
.statusCode(200) .statusCode(200)
.extract().path("lessonCompleted"); .extract().path("lessonCompleted");