Cleaning up test case logging

pom.xml

@@ -20,7 +20,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>1.5.3.RELEASE</version>
+        <version>1.5.5.RELEASE</version>
     </parent>
 
     <licenses>
@@ -130,7 +130,6 @@
         <commons-fileupload.version>1.3.1</commons-fileupload.version>
         <commons-io.version>2.4</commons-io.version>
         <commons-lang3.version>3.4</commons-lang3.version>
-        <commons-logging.version>1.2</commons-logging.version>
         <coveralls-maven-plugin.version>4.0.0</coveralls-maven-plugin.version>
         <gatling.version>2.2.5</gatling.version>
         <gatling-plugin.version>2.2.4</gatling-plugin.version>
@@ -146,7 +145,6 @@
         <jstl.version>1.2</jstl.version>
         <jtds.version>1.3.1</jtds.version>
         <junit.version>4.12</junit.version>
-        <log4j.version>1.2.17</log4j.version>
         <mail-api.version>1.5.4</mail-api.version>
         <maven-compiler-plugin.version>3.3</maven-compiler-plugin.version>
         <maven-failsafe-plugin.version>2.19</maven-failsafe-plugin.version>
@@ -160,8 +158,6 @@
         <scala.version>2.11.7</scala.version>
         <sauce_junit.version>2.1.20</sauce_junit.version>
         <selenium-java.version>2.48.2</selenium-java.version>
-        <slf4j-api.version>1.7.12</slf4j-api.version>
-        <slf4j-log4j12.version>1.7.12</slf4j-log4j12.version>
         <spring.security.version>3.2.4.RELEASE</spring.security.version>
         <standard.version>1.1.2</standard.version>
         <tiles.version>3.0.5</tiles.version>

webgoat-container/src/main/resources/db/changelog/db.changelog-master.xml

@@ -1,15 +0,0 @@
-<databaseChangeLog
-        xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
-        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-        xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog
-   http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.4.xsd">
-
-<changeSet author="WebGoat" id="init_schema">
-        <createTable tableName="web_goat_user">
-            <column name="username" type="varchar(32)"/>
-            <column name="password" type="varchar(32)"/>
-            <column name="role" type="varchar(32)"/>
-        </createTable>
-        <addPrimaryKey columnNames="username" constraintName="pk_user" tableName="web_goat_user"/>
-    </changeSet>
-</databaseChangeLog>

webgoat-lessons/bypass-restrictions/src/test/java/org/owasp/webgoat/plugin/BypassRestrictionsFrontendValidationTest.java

@@ -6,7 +6,6 @@ import org.junit.runner.RunWith;
 import org.owasp.webgoat.plugins.LessonTest;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 
 import static org.hamcrest.Matchers.is;
@@ -38,7 +37,6 @@ public class BypassRestrictionsFrontendValidationTest extends LessonTest {
                 .param("field6", "90201 1111")
                 .param("field7", "301-604-4882")
                 .param("error", "2"))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(false)));
     }
 
@@ -53,7 +51,6 @@ public class BypassRestrictionsFrontendValidationTest extends LessonTest {
                 .param("field6", "90201 1111AA")
                 .param("field7", "301-604-4882$$")
                 .param("error", "0"))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(true)));
     }
 
@@ -68,7 +65,6 @@ public class BypassRestrictionsFrontendValidationTest extends LessonTest {
                 .param("field6", "90201 1111AA")
                 .param("field7", "301-604-4882AA")
                 .param("error", "0"))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(false)));
     }
 

webgoat-lessons/challenge/src/test/java/org/owasp/webgoat/plugin/challenge2/ShopEndpointTest.java

@@ -7,7 +7,6 @@ import org.junit.runner.RunWith;
 import org.mockito.runners.MockitoJUnitRunner;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 
 import static org.hamcrest.Matchers.is;
 import static org.owasp.webgoat.plugin.SolutionConstants.SUPER_COUPON_CODE;
@@ -39,7 +38,6 @@ public class ShopEndpointTest {
     @Test
     public void getCoupon() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/challenge-store/coupons/webgoat"))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(jsonPath("$.code", CoreMatchers.is("webgoat")))
                 .andExpect(jsonPath("$.discount", CoreMatchers.is(25)));
     }

webgoat-lessons/challenge/src/test/java/org/owasp/webgoat/plugin/challenge4/VotesEndpointTest.java

@@ -9,7 +9,6 @@ import org.owasp.webgoat.plugin.Flag;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.MvcResult;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 
 import javax.servlet.http.Cookie;
 
@@ -97,7 +96,6 @@ public class VotesEndpointTest {
                 .cookie(mvcResult.getResponse().getCookie("access_token")));
         mockMvc.perform(MockMvcRequestBuilders.get("/votings/")
                 .cookie(mvcResult.getResponse().getCookie("access_token")))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(jsonPath("$..[?(@.title == 'Get it for free')].numberOfVotes", CoreMatchers.hasItem(20001)));
     }
 

webgoat-lessons/cross-site-scripting/src/test/java/org/owasp/webgoat/plugin/DOMCrossSiteScriptingTest.java

@@ -34,12 +34,11 @@ import org.owasp.webgoat.assignments.AssignmentEndpointTest;
 import org.owasp.webgoat.session.UserSessionData;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 
+import static org.mockito.Mockito.when;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static org.springframework.test.web.servlet.setup.MockMvcBuilders.standaloneSetup;
-import static org.mockito.Mockito.when;
 
 
 @RunWith(MockitoJUnitRunner.class)
@@ -64,7 +63,7 @@ public class DOMCrossSiteScriptingTest extends AssignmentEndpointTest {
                 .header("webgoat-requested-by","dom-xss-vuln")
                 .param("param1", "42")
                 .param("param2", "24"))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.output", CoreMatchers.containsString("phoneHome Response is " + randVal)))
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(true)));
     }
@@ -76,7 +75,7 @@ public class DOMCrossSiteScriptingTest extends AssignmentEndpointTest {
                 .header("webgoat-requested-by","wrong-value")
                 .param("param1", "22")
                 .param("param2", "20"))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false)));
     }
 

webgoat-lessons/http-proxies/src/test/java/org/owasp/webgoat/plugin/HttpBasicsInterceptRequestTest.java

@@ -33,7 +33,6 @@ import org.mockito.runners.MockitoJUnitRunner;
 import org.owasp.webgoat.assignments.AssignmentEndpointTest;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.jsonPath;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -56,7 +55,7 @@ public class HttpBasicsInterceptRequestTest extends AssignmentEndpointTest {
         mockMvc.perform(MockMvcRequestBuilders.get("/challenge/1")
                 .header("x-request-intercepted", "true")
                 .param("changeMe", "Requests are tampered easily"))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("http-proxies.intercept.success"))))
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(true)));
     }
@@ -66,7 +65,7 @@ public class HttpBasicsInterceptRequestTest extends AssignmentEndpointTest {
         mockMvc.perform(MockMvcRequestBuilders.get("/HttpProxies/intercept-request")
                 .header("x-request-intercepted", "false")
                 .param("changeMe", "Requests are tampered easily"))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("http-proxies.intercept.failure"))))
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false)));
     }

webgoat-lessons/missing-function-ac/src/test/java/org/owasp/webgoat/plugin/MissingFunctionACUsersTest.java

@@ -6,15 +6,11 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
 import org.mockito.runners.MockitoJUnitRunner;
-import org.owasp.webgoat.lessons.AbstractLesson;
-import org.owasp.webgoat.service.HintService;
-import org.owasp.webgoat.session.WebSession;
 import org.owasp.webgoat.users.UserService;
 import org.owasp.webgoat.users.WebGoatUser;
 import org.springframework.test.util.ReflectionTestUtils;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -28,10 +24,6 @@ import static org.springframework.test.web.servlet.setup.MockMvcBuilders.standal
 public class MissingFunctionACUsersTest {
     private MockMvc mockMvc;
     @Mock
-    private WebSession websession;
-    @Mock
-    private AbstractLesson lesson;
-    @Mock
     private UserService userService;
 
     @Before
@@ -46,7 +38,6 @@ public class MissingFunctionACUsersTest {
     public void TestContentTypeApplicationJSON () throws  Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/users")
                 .header("Content-type","application/json"))
-                .andDo(MockMvcResultHandlers.print())
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$[0].username", CoreMatchers.is("user1")))
                 .andExpect(jsonPath("$[0].userHash",CoreMatchers.is("cplTjehjI/e5ajqTxWaXhU5NW9UotJfXj+gcbPvfWWc=")))

webgoat-lessons/missing-function-ac/src/test/java/org/owasp/webgoat/plugin/MissingFunctionYourHashTest.java

@@ -43,7 +43,7 @@ public class MissingFunctionYourHashTest extends AssignmentEndpointTest {
     public void HashDoesNotMatch() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/access-control/user-hash")
                 .param("userHash", "42"))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.containsString("Keep trying, this one may take several attempts")))
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false)));
     }
@@ -52,7 +52,7 @@ public class MissingFunctionYourHashTest extends AssignmentEndpointTest {
     public void hashMatches() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/access-control/user-hash")
                 .param("userHash", "2340928sadfajsdalsNfwrBla="))
-                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+                .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.containsString("Keep trying, this one may take several attempts")))
                 .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false)));
     }

webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson5aTest.java

@@ -8,7 +8,6 @@ import org.owasp.webgoat.session.WebgoatContext;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 
 import static org.hamcrest.CoreMatchers.containsString;
@@ -39,7 +38,7 @@ public class SqlInjectionLesson5aTest extends LessonTest {
     public void knownAccountShouldDisplayData() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack5a")
                 .param("account", "Smith"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.feedback", is(messages.getMessage("assignment.not.solved"))))
@@ -50,7 +49,7 @@ public class SqlInjectionLesson5aTest extends LessonTest {
     public void unknownAccount() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack5a")
                 .param("account", "Smithh"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.feedback", is(messages.getMessage("NoResultsMatched"))))
@@ -61,7 +60,7 @@ public class SqlInjectionLesson5aTest extends LessonTest {
     public void sqlInjection() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack5a")
                 .param("account", "smith' OR '1' = '1"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("lessonCompleted", is(true)))
                 .andExpect(jsonPath("$.feedback", containsString("You have succeed")))
@@ -72,7 +71,7 @@ public class SqlInjectionLesson5aTest extends LessonTest {
     public void sqlInjectionWrongShouldDisplayError() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack5a")
                 .param("account", "smith' OR '1' = '1'"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.feedback", containsString(messages.getMessage("assignment.not.solved"))))

webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6aTest.java

@@ -32,7 +32,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
     public void wrongSolution() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6a")
                 .param("userid_6a", "John"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", is(false)));
     }
@@ -41,7 +41,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
     public void wrongNumberOfColumns() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6a")
                 .param("userid_6a", "Smith' union select userid,user_name, password,cookie from user_system_data --"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.output", is("column number mismatch detected in rows of UNION, INTERSECT, EXCEPT, or VALUES operation")));
@@ -51,7 +51,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
     public void wrongDataTypeOfColumns() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6a")
                 .param("userid_6a", "Smith' union select 1,password, 1,'2','3', '4',1 from user_system_data --"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.output", containsString("incompatible data types in combination")));
@@ -61,7 +61,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
     public void correctSolution() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6a")
                 .param("userid_6a", "Smith' union select 1,password, '1','2','3', '4',1 from user_system_data --"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", is(true)))
                 .andExpect(jsonPath("$.feedback", containsString("dave")));
@@ -71,7 +71,7 @@ public class SqlInjectionLesson6aTest extends LessonTest {
     public void noResultsReturned() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6a")
                 .param("userid_6a", "Smith' and 1 = 2 --"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.lessonCompleted", is(false)))
                 .andExpect(jsonPath("$.feedback", is(messages.getMessage("sql-injection.6a.no.results"))));

webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/introduction/SqlInjectionLesson6bTest.java

@@ -31,7 +31,7 @@ public class SqlInjectionLesson6bTest extends LessonTest {
     public void submitCorrectPassword() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6b")
                 .param("userid_6b", "dave"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(true)));
     }
 
@@ -39,7 +39,7 @@ public class SqlInjectionLesson6bTest extends LessonTest {
     public void submitWrongPassword() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack6b")
                 .param("userid_6b", "John"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(false)));
     }
 

webgoat-lessons/sql-injection/src/test/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionLesson12aTest.java

@@ -40,7 +40,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void knownAccountShouldDisplayData() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/SqlInjection/servers")
                 .param("column", "id"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk());
     }
 
@@ -48,7 +48,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void trueShouldSortByHostname() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/SqlInjection/servers")
                 .param("column", "(case when (true) then hostname else id end)"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(status().isOk()).andExpect(jsonPath("$[0].hostname", is("webgoat-acc")));
     }
@@ -57,7 +57,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void falseShouldSortById() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/SqlInjection/servers")
                 .param("column", "(case when (true) then hostname else id end)"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(status().isOk()).andExpect(jsonPath("$[0].hostname", is("webgoat-acc")));
     }
@@ -66,7 +66,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void passwordIncorrectShouldOrderByHostname() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/SqlInjection/servers")
                 .param("column", "CASE WHEN (SELECT ip FROM servers WHERE hostname='webgoat-prd') LIKE '192.%' THEN hostname ELSE id END"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$[0].hostname", is("webgoat-dev")));
     }
 
@@ -74,7 +74,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void passwordCorrectShouldOrderByHostname() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.get("/SqlInjection/servers")
                 .param("column", "CASE WHEN (SELECT ip FROM servers WHERE hostname='webgoat-prd') LIKE '104.%' THEN hostname ELSE id END"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$[0].hostname", is("webgoat-acc")));
     }
 
@@ -82,7 +82,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void postingCorrectAnswerShouldPassTheLesson() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack12a")
                 .param("ip", "104.130.219.202"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(true)));
     }
 
@@ -90,7 +90,7 @@ public class SqlInjectionLesson12aTest extends LessonTest {
     public void postingWrongAnswerShouldNotPassTheLesson() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/SqlInjection/attack12a")
                 .param("ip", "192.168.219.202"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk()).andExpect(jsonPath("$.lessonCompleted", is(false)));
     }
 }

webgoat-lessons/vulnerable-components/src/test/java/org/owasp/webgoat/plugin/VulnerableComponentsLessonTest.java

@@ -53,7 +53,7 @@ public class VulnerableComponentsLessonTest extends AssignmentEndpointTest {
     @Test
     public void success() throws Exception {
 //        mockMvc.perform(MockMvcRequestBuilders.post("/VulnerableComponents/attack1").content("Test"))
-//                .andExpect(status().isOk()).andDo(MockMvcResultHandlers.print())
+//                .andExpect(status().isOk())
 //                .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("http-proxies.intercept.success"))))
 //                .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(true)));
     }

webgoat-lessons/xxe/src/test/java/org/owasp/webgoat/plugin/BlindSendFileAssignmentTest.java

@@ -13,7 +13,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import org.springframework.test.web.servlet.result.MockMvcResultHandlers;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
 
 import java.io.File;
@@ -53,7 +52,7 @@ public class BlindSendFileAssignmentTest extends LessonTest {
         int nrOfComments = comments.getComments().size();
         mockMvc.perform(MockMvcRequestBuilders.post("/xxe/blind")
                 .content("<comment><text>test</text></comment>"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("assignment.not.solved"))));
         assertThat(comments.getComments().size()).isEqualTo(nrOfComments + 1);
@@ -63,7 +62,7 @@ public class BlindSendFileAssignmentTest extends LessonTest {
     public void wrongXmlShouldGiveErrorBack() throws Exception {
         mockMvc.perform(MockMvcRequestBuilders.post("/xxe/blind")
                 .content("<comment><text>test</ext></comment>"))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("assignment.not.solved"))))
                 .andExpect(jsonPath("$.output", CoreMatchers.is("javax.xml.bind.UnmarshalException\\n - with linked exception:\\n[javax.xml.stream.XMLStreamException: ParseError at [row,col]:[1,22]\\nMessage: The element type \\\"text\\\" must be terminated by the matching end-tag \\\"<\\/text>\\\".]")));
@@ -91,7 +90,7 @@ public class BlindSendFileAssignmentTest extends LessonTest {
         //Call with XXE injection
         mockMvc.perform(MockMvcRequestBuilders.post("/xxe/blind")
                 .content(xml))
-                .andDo(MockMvcResultHandlers.print())
+
                 .andExpect(status().isOk())
                 .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("assignment.not.solved"))));