dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allowed other criteria to solve lesson and provide some feedback for acceptable solutions

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@464 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64@gmail.com 2012-04-25 18:30:06 +00:00
parent a987ca7cdc
commit 2ae584d0b2
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/main/java/org/owasp/webgoat/lessons/DOMXSS.java
View File

@ -73,6 +73,10 @@ public class DOMXSS extends SequentialLessonAdapter
{ {
getLessonTracker(s).setStage(3); getLessonTracker(s).setStage(3);
s.setMessage("Stage 2 completed. "); s.setMessage("Stage 2 completed. ");
}
else
{
s.setMessage("Only <img onerror... attacks are recognized for success criteria");
} }
return (ec); return (ec);
@ -91,6 +95,16 @@ public class DOMXSS extends SequentialLessonAdapter
{ {
getLessonTracker(s).setStage(4); getLessonTracker(s).setStage(4);
s.setMessage("Stage 3 completed."); s.setMessage("Stage 3 completed.");
} else if (attackString.toString().toLowerCase().indexOf("iframe") != -1
&& attackString.toString().toLowerCase().indexOf("onload") != -1
&& attackString.toString().toLowerCase().indexOf("alert") != -1)
{
getLessonTracker(s).setStage(3);
s.setMessage("Stage 3 completed. ");
}
else
{
s.setMessage("Only <iframe javascript/onload... attacks are recognized for success criteria");
} }
return (ec); return (ec);
} }