dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Introduced user registration

Browse Source 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
This commit is contained in:
Nanne Baars
2017-02-25 12:15:07 +01:00
parent 9b86aaba05
commit 259fd19c1b
221 changed files with 1179 additions and 1083 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
webgoat-lessons/sql-injection/src/main/resources/lessonPlans/en/SqlInjection_content12.adoc Normal file
View File

@ -0,0 +1,13 @@
== Input Validation Required?
=== Since my queries are no longer injectable do I still need to validate my input?
* *YES!*
=== Prevents other types of attacks from being stored in the database
* Stored XSS
* Information leakage
* Logic errors business rule validation
* SQL Injection
=== Often the database is considered trusted