Renamed to htmltampering

src/main/resources/lessons/htmltampering/documentation/HtmlTampering_Intro.adoc

@@ -0,0 +1,8 @@
+
+== Concept
+Browsers generally offer many options of editing the displayed content. Developers
+therefore must be aware that the values sent by the user may have been tampered with.
+
+== Goals
+* The user should have a basic understanding of HTML
+* The user will be able to exploit editing front end of website

src/main/resources/lessons/htmltampering/documentation/HtmlTampering_Mitigation.adoc

@@ -0,0 +1,14 @@
+=== Mitigation
+
+In this simple example you noticed that the price is calculated client-side and sent to the server. The server
+accepted the input as a given and did not calculate the price again. One of the mitigations in this case is to look up
+the price of the television in your database and calculate the total price again.
+
+
+In a real application you should never rely on client side validation. It is important to verify all the input
+sent by the client. Always remember: **NEVER TRUST INPUT SENT BY A CLIENT.**
+
+''''
+==== References
+
+https://cheatsheetseries.owasp.org/cheatsheets/Input_Validation_Cheat_Sheet.html

src/main/resources/lessons/htmltampering/documentation/HtmlTampering_Task.adoc

@@ -0,0 +1,2 @@
+=== Try it yourself
+In an online store you ordered a new TV, try to buy one or more TVs for a lower price.