diff --git a/main/build.xml b/main/build.xml index be128c449..5f7f39391 100644 --- a/main/build.xml +++ b/main/build.xml @@ -56,7 +56,7 @@ <property name="app.home" value="${basedir}/project"/> <property name="app.name" value="WebGoat"/> <!-- MUST BE CONSISTENT WITH project/build.xml! --> - <property name="app.version" value="5.1"/> <!-- MUST BE CONSISTENT WITH project/build.xml! --> + <property name="app.version" value="5.2"/> <!-- MUST BE CONSISTENT WITH project/build.xml! --> <property name="catalina.home" value="${basedir}/tomcat"/> <property name="dist.home" value="${app.home}/dist"/> <property name="dist.owasp" value="${app.home}/owasp_distributions"/> diff --git a/main/project/JavaSource/org/owasp/webgoat/HammerHead.java b/main/project/JavaSource/org/owasp/webgoat/HammerHead.java index 09a3afd05..e302c34c3 100644 --- a/main/project/JavaSource/org/owasp/webgoat/HammerHead.java +++ b/main/project/JavaSource/org/owasp/webgoat/HammerHead.java @@ -59,6 +59,8 @@ import org.owasp.webgoat.session.WebgoatContext; public class HammerHead extends HttpServlet { + private static final String WELCOMED = "welcomed"; + /** * */ @@ -206,9 +208,9 @@ public class HammerHead extends HttpServlet // If this session has not seen the landing page yet, go there instead. HttpSession session = webSession.getRequest().getSession(); - if (session.getAttribute("welcomed") == null) + if (session.getAttribute(WELCOMED) == null) { - session.setAttribute("welcomed", "true"); + session.setAttribute(WELCOMED, "true"); page = "/webgoat.jsp"; } else @@ -432,6 +434,8 @@ public class HammerHead extends HttpServlet // Create new custom session and save it in the HTTP session // System.out.println( "HH Creating new WebSession: " ); session = new WebSession(webgoatContext, context); + // Ensure splash screen shows on any restart + hs.removeAttribute(WELCOMED); hs.setAttribute(WebSession.SESSION, session); // reset timeout hs.setMaxInactiveInterval(sessionTimeoutSeconds); diff --git a/main/project/JavaSource/org/owasp/webgoat/lessons/HowToWork.java b/main/project/JavaSource/org/owasp/webgoat/lessons/HowToWork.java index 25d971a64..1d83bd75d 100644 --- a/main/project/JavaSource/org/owasp/webgoat/lessons/HowToWork.java +++ b/main/project/JavaSource/org/owasp/webgoat/lessons/HowToWork.java @@ -78,7 +78,7 @@ public class HowToWork extends LessonAdapter */ public String getTitle() { - return ("How to work with Webgoat"); + return ("How to work with WebGoat"); } public Element getCredits() diff --git a/main/project/WebContent/webgoat.jsp b/main/project/WebContent/webgoat.jsp index 18e1192f0..090f4ff9c 100644 --- a/main/project/WebContent/webgoat.jsp +++ b/main/project/WebContent/webgoat.jsp @@ -18,11 +18,13 @@ WebSession webSession = ((WebSession) session.getAttribute("websession")); <div id="wrap"> <div id="top"></div> <div id="start"> -<p>Thank you for using WebGoat!</p> -<p>This program is a demonstration of common web application flaws. +<p>Thank you for using WebGoat! This program is a demonstration of common web application flaws. The exercises are intended to provide hands on experience with -application penetration testing techniques. </p><p>The WebGoat project is lead +application penetration testing techniques. </p> +<p>The WebGoat project is lead by Bruce Mayhew. Please send all comments to Bruce at <%=webSession.getWebgoatContext().getFeedbackAddress()%>.</p> +<p>Thanks to <a href="http://www.ouncelabs.com"><img align="top" height="20" width="160" border = "0" src="images/logos/ounce.jpg" alt="Ounce Labs"/></a> for supporting Bruce on the WebGoat Project.</p> + <div id="team"> <table border="0" align="center" class="lessonText"> <tr>