From 2a6b3d189e9f8726694a056f032f9a7158a83523 Mon Sep 17 00:00:00 2001 From: Nanne Baars Date: Tue, 24 Sep 2019 18:08:53 +0200 Subject: [PATCH] Disable csrf through property no longer works and we already have it in WebSecurityConfig. Thymeleaf templates caching is set on the resolvers themselves --- .../resources/application-webgoat.properties | 17 ++++++----------- 1 file changed, 6 insertions(+), 11 deletions(-) diff --git a/webgoat-container/src/main/resources/application-webgoat.properties b/webgoat-container/src/main/resources/application-webgoat.properties index 3eb7b0474..7fb0ab26d 100644 --- a/webgoat-container/src/main/resources/application-webgoat.properties +++ b/webgoat-container/src/main/resources/application-webgoat.properties @@ -18,20 +18,15 @@ spring.jpa.hibernate.ddl-auto=update spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.HSQLDialect spring.datasource.driver-class-name=org.hsqldb.jdbc.JDBCDriver -logging.level.org.thymeleaf=DEBUG -logging.level.org.thymeleaf.TemplateEngine.CONFIG=TRACE -logging.level.org.thymeleaf.TemplateEngine.TIMER=TRACE -logging.level.org.thymeleaf.TemplateEngine.cache.TEMPLATE_CACHE=TRACE -logging.level.org.springframework.web=TRACE +logging.level.org.thymeleaf=INFO +logging.level.org.thymeleaf.TemplateEngine.CONFIG=INFO +logging.level.org.thymeleaf.TemplateEngine.TIMER=INFO +logging.level.org.thymeleaf.TemplateEngine.cache.TEMPLATE_CACHE=INFO +logging.level.org.springframework.web=INFO logging.level.org.springframework=INFO logging.level.org.springframework.boot.devtools=INFO logging.level.org.owasp=DEBUG -logging.level.org.owasp.webgoat=TRACE - -# Needed for creating a vulnerable web application -security.enable-csrf=false - -spring.thymeleaf.cache=false +logging.level.org.owasp.webgoat=DEBUG webgoat.start.hsqldb=true webgoat.clean=false