dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Introduced user registration

Browse Source 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
This commit is contained in:
Nanne Baars
2017-02-25 12:15:07 +01:00
parent 9b86aaba05
commit 259fd19c1b
221 changed files with 1179 additions and 1083 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties Normal file
View File

@ -0,0 +1,37 @@
#
# This file is part of WebGoat, an Open Web Application Security Project utility. For details,
# please see http://www.owasp.org/
# <p>
# Copyright (c) 2002 - 2017 Bruce Mayhew
# <p>
# This program is free software; you can redistribute it and/or modify it under the terms of the
# GNU General Public License as published by the Free Software Foundation; either version 2 of the
# License, or (at your option) any later version.
# <p>
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# General Public License for more details.
# <p>
# You should have received a copy of the GNU General Public License along with this program; if
# not, write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
# 02111-1307, USA.
# <p>
# Getting Source ==============
# <p>
# Source for this application is maintained at https://github.com/WebGoat/WebGoat, a repository for free software
# projects.
# <p>
#
xxe.simple.output=Welcome {0} you can now login to our website
xxe.content.type.feedback.json=You are posting JSON which does not work with a XXE
xxe.content.type.feedback.xml=You are posting XML but there is no XXE attack performed
xxe.content.output=Welcome {0} you can now login to our website
xxe.blind.output=Contents of the file is:
xxe.hints.simple.xxe.1=Try submitting the form and see what happens
xxe.hints.simple.xxe.2=XXE stands for XML External Entity attack
xxe.hints.simple.xxe.3=Try to include your own DTD
xxe.hints.simple.xxe.4=Try to include a doctype (<!DOCTYPE...) in the xml
xxe.hints.content.type.xxe.1=Take a look at the content type
xxe.hints.content.type.xxe.2=Does the endpoint only accept json messages?