dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Session Fixation bugfix

Browse Source 
MultiLevelLogin2 bugfix

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@315 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
wirth.marcel 2008-04-10 08:52:11 +00:00
parent 0f5798c8d4
commit 478b6defc8
2 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
main/project/JavaSource/org/owasp/webgoat/lessons/MultiLevelLogin2.java
View File

@ -57,18 +57,18 @@ import org.owasp.webgoat.session.WebSession;
public class MultiLevelLogin2 extends LessonAdapter
{
private final static String USER = "user";
private final static String PASSWORD = "pass";
private final static String TAN = "tan";
private final static String HIDDEN_USER = "hidden_user";
private final static String USER = "user2";
private final static String PASSWORD = "pass2";
private final static String TAN = "tan2";
private final static String HIDDEN_USER = "hidden_user2";
private final static String LOGGEDIN = "loggedin";
private final static String CORRECTTAN = "correctTan";
private final static String CURRENTTAN = "currentTan";
private final static String CURRENTTANPOS = "currentTanPos";
private final static String LOGGEDIN = "loggedin2";
private final static String CORRECTTAN = "correctTan2";
private final static String CURRENTTAN = "currentTan2";
private final static String CURRENTTANPOS = "currentTanPos2";
// needed to see if lesson was successfull
private final static String LOGGEDINUSER = "loggedInUser";
private final static String LOGGEDINUSER = "loggedInUser2";
//private String LoggedInUser = "";

10
main/project/JavaSource/org/owasp/webgoat/lessons/SessionFixation.java
View File

@ -181,7 +181,7 @@ public class SessionFixation extends SequentialLessonAdapter
private Element createStage2Content(WebSession s)
{
ElementContainer ec = new ElementContainer();
String mailHeader = "<b>MailFrom:</b> &nbsp;&nbsp;admin@webgoatfinancial.com<br><br>";
String mailHeader = "<b>Mail From:</b> &nbsp;&nbsp;admin@webgoatfinancial.com<br><br>";
String mailContent = (String) s.get(MAILCONTENTNAME);
ec.addElement(mailHeader + mailContent);
@ -286,12 +286,12 @@ public class SessionFixation extends SequentialLessonAdapter
ec.addElement(table);
B b = new B();
b.addElement("MailTo: ");
b.addElement("Mail To: ");
td1.addElement(b);
td2.addElement(mailTo);
b = new B();
b.addElement("MailFrom: ");
b.addElement("Mail From: ");
td3.addElement(b);
td4.addElement(mailFrom);
@ -304,8 +304,8 @@ public class SessionFixation extends SequentialLessonAdapter
td6.addElement(titleField);
TextArea mailContent = new TextArea();
mailContent.addAttribute("cols", 60);
mailContent.addAttribute("rows", 9);
mailContent.addAttribute("cols", 67);
mailContent.addAttribute("rows", 8);
mailContent.addElement(mailText);
mailContent.setName(MAILCONTENTNAME);
td7.addElement(mailContent);