Merging changes from Daniel back into the Spring Boot structure
- different js location - Fixed label debugging which kept on reloading and reloading the lesson - Changes from .jsp merged into .html
parent
a8ea4a16e6
commit
576333af7c
@ -11,6 +11,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
import org.owasp.webgoat.session.WebgoatContext;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.core.io.ClassPathResource;
|
||||
|
||||
import javax.servlet.ServletContext;
|
||||
import javax.servlet.ServletException;
|
||||
@ -249,7 +250,7 @@ public class HammerHead extends HttpServlet {
|
||||
logger.info("Initializing main webgoat servlet");
|
||||
httpDateFormat = new SimpleDateFormat("EEE, dd MMM yyyyy HH:mm:ss z", Locale.US);
|
||||
httpDateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
|
||||
propertiesPath = getServletContext().getRealPath("/WEB-INF/webgoat.properties");
|
||||
propertiesPath = new ClassPathResource("/WEB-INF/webgoat.properties").getPath();
|
||||
}
|
||||
|
||||
/**
|
||||
|
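Review bot: In the `-249,7 +250,7` hunk, `new ClassPathResource("/WEB-INF/webgoat.properties").getPath()` returns the classpath-relative resource name, not a filesystem location, so `propertiesPath` no longer holds what `getRealPath` used to return. If code outside this hunk opens `propertiesPath` as a file, the name resolves against the process working directory and the intended configuration may silently not be loaded; `/WEB-INF` is also not normally a classpath root. Consider keeping the `ClassPathResource` itself, failing fast when `exists()` is false, and reading it through `getInputStream()` instead of passing a path string around. The enclosing method starts outside the hunk, so how `propertiesPath` is consumed cannot be confirmed from here.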
@ -29,9 +29,6 @@
|
||||
*/
|
||||
package org.owasp.webgoat.service;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.owasp.webgoat.session.LabelDebugger;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@ -44,6 +41,9 @@ import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* <p>LabelDebugService class.</p>
|
||||
*
|
||||
@ -73,7 +73,7 @@ public class LabelDebugService extends BaseService {
|
||||
ResponseEntity<Map<String, Object>> checkDebuggingStatus() {
|
||||
logger.debug("Checking label debugging, it is " + labelDebugger.isEnabled()); // FIXME parameterize
|
||||
Map<String, Object> result = createResponse(labelDebugger.isEnabled());
|
||||
return new ResponseEntity<Map<String, Object>>(result, HttpStatus.OK);
|
||||
return new ResponseEntity<>(result, HttpStatus.OK);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -88,7 +88,7 @@ public class LabelDebugService extends BaseService {
|
||||
logger.debug("Setting label debugging to " + labelDebugger.isEnabled()); // FIXME parameterize
|
||||
Map<String, Object> result = createResponse(enabled);
|
||||
labelDebugger.setEnabled(enabled);
|
||||
return new ResponseEntity<Map<String, Object>>(result, HttpStatus.OK);
|
||||
return new ResponseEntity<>(result, HttpStatus.OK);
|
||||
}
|
||||
|
||||
/**
|
||||
|
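Review bot: In the `-88,7 +88,7` hunk the debug line logs `labelDebugger.isEnabled()` before `labelDebugger.setEnabled(enabled)` runs, so the log records the previous state rather than the value being set. Logging the requested value with a parameterized message fixes that and resolves the FIXME on the same line: `logger.debug("Setting label debugging to {}", enabled);`. The same parameterization applies to the `checkDebuggingStatus` line in the `-73,7 +73,7` hunk: `logger.debug("Checking label debugging, it is {}", labelDebugger.isEnabled());`. Both method bodies start outside their hunks.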
@ -29,13 +29,6 @@
|
||||
*/
|
||||
package org.owasp.webgoat.service;
|
||||
|
||||
import java.nio.file.Paths;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.owasp.webgoat.plugins.PluginsLoader;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@ -46,6 +39,10 @@ import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
|
||||
import javax.servlet.http.HttpSession;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* <p>PluginReloadService class.</p>
|
||||
*
|
||||
@ -71,12 +68,12 @@ public class PluginReloadService extends BaseService {
|
||||
logger.debug("Loading plugins into cache");
|
||||
String pluginPath = session.getServletContext().getRealPath("plugin_lessons");
|
||||
String targetPath = session.getServletContext().getRealPath("plugin_extracted");
|
||||
new PluginsLoader(Paths.get(pluginPath), Paths.get(targetPath)).copyJars();
|
||||
//new PluginsLoader(Paths.get(pluginPath), Paths.get(targetPath)).copyJars();
|
||||
webSession.getCourse().loadLessonFromPlugin(session.getServletContext());
|
||||
|
||||
Map<String, Object> result = new HashMap<String, Object>();
|
||||
result.put("success", true);
|
||||
result.put("message", "Plugins reloaded");
|
||||
return new ResponseEntity<Map<String, Object>>(result, HttpStatus.OK);
|
||||
return new ResponseEntity<>(result, HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
|
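Review bot: In the `-71,12 +68,12` hunk the `PluginsLoader(...).copyJars()` call is commented out rather than removed, which leaves `pluginPath` and `targetPath` as unused locals while the handler still answers `"Plugins reloaded"` with `success` set to true. If skipping the jar copy is intentional, delete the commented line and the two `getRealPath` lookups and record the reason, for example `// copyJars() intentionally skipped: <reason>`. Otherwise the response overstates what the endpoint did, which is misleading for anyone relying on it to confirm that updated plugin code is in place. The method starts outside the hunk.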
@ -5,7 +5,7 @@
|
||||
#server.jsp-servlet.registered=true
|
||||
|
||||
server.error.include-stacktrace=always
|
||||
logging.level.org.springframework=DEBUG
|
||||
logging.level.org.springframework=INFO
|
||||
logging.level.org.hibernate=ERROR
|
||||
spring.thymeleaf.cache=false
|
||||
security.enable-csrf=false
|
||||
|
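Review bot: The lines around the changed log level keep `server.error.include-stacktrace=always` and `security.enable-csrf=false` with no comment saying why. The first returns stack traces to clients and the second turns off CSRF protection, so a reader cannot tell a deliberate training-target setting from a leftover debug value. If these are intentional for this application, say so above them, for example `# Deliberately insecure defaults for the training application; never reuse in a production configuration`.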
@ -11,6 +11,7 @@ define(['jquery',
|
||||
'goatApp/view/CookieView',
|
||||
'goatApp/view/ParamView',
|
||||
'goatApp/model/ParamModel',
|
||||
'goatApp/view/DeveloperControlsView',
|
||||
'goatApp/support/GoatUtils',
|
||||
'goatApp/view/UserAndInfoView',
|
||||
'goatApp/view/MenuButtonView',
|
||||
@ -32,6 +33,7 @@ define(['jquery',
|
||||
CookieView,
|
||||
ParamView,
|
||||
ParamModel,
|
||||
DeveloperControlsView,
|
||||
GoatUtils,
|
||||
UserAndInfoView,
|
||||
MenuButtonView,
|
||||
@ -49,6 +51,7 @@ define(['jquery',
|
||||
this.lessonProgressModel = new LessonProgressModel();
|
||||
this.lessonProgressView = new LessonProgressView(this.lessonProgressModel);
|
||||
this.lessonView = options.lessonView;
|
||||
this.developerControlsView = new DeveloperControlsView();
|
||||
|
||||
_.extend(Controller.prototype,Backbone.Events);
|
||||
|
||||
@ -103,6 +106,7 @@ define(['jquery',
|
||||
this.listenTo(this.helpControlsView,'hints:show',this.onShowHints)
|
||||
this.listenTo(this.helpControlsView,'source:show',this.hideShowHelps);
|
||||
this.listenTo(this.helpControlsView,'lesson:restart',this.restartLesson);
|
||||
this.listenTo(this.developerControlsView, 'dev:labels', this.restartLesson);
|
||||
|
||||
this.helpControlsView.render();
|
||||
|
||||
@ -124,6 +128,7 @@ define(['jquery',
|
||||
this.lessonHintView = new HintView();
|
||||
this.cookieView = new CookieView();
|
||||
|
||||
|
||||
//TODO: instantiate model with values (not sure why was not working before)
|
||||
var paramModel = new ParamModel({});
|
||||
paramModel.set('scrParam',this.lessonContent.get('scrParam'));
|
||||
|
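Review bot: The `dev:labels` listener added in the `-103,6 +106,7` hunk is registered on `this.developerControlsView`, which the `-49,6 +51,7` hunk creates only once. If the function enclosing the `listenTo` calls runs on every lesson load, each run adds another handler and `restartLesson` fires once per accumulated registration. That function is outside the hunk, so this is inferred rather than confirmed. Registering the listener next to the line that constructs the view, or calling `this.stopListening(this.developerControlsView, 'dev:labels');` immediately before the `listenTo`, keeps it to a single handler.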
@ -24,7 +24,7 @@ function(
|
||||
onLabelsLoaded: function(model) {
|
||||
this.models[1] = model;
|
||||
this.render();
|
||||
Backbone.history.loadUrl(Backbone.history.getFragment());
|
||||
this.trigger('dev:labels')
|
||||
},
|
||||
|
||||
initialize: function(options) {
|
||||
|
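Review bot: `this.trigger('dev:labels')` in `onLabelsLoaded` lacks the terminating semicolon that the surrounding statements use, and nothing in the view documents the new event. Suggest `this.trigger('dev:labels'); // listened to by the controller, which restarts the lesson`, since the controller section on this page binds that event to `restartLesson`. The view definition starts and ends outside the hunk.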
@ -41,7 +41,7 @@
|
||||
<header id="header">
|
||||
<!--logo start-->
|
||||
<div class="brand">
|
||||
<a href="${pageContext.request.contextPath}/start.mvc" class="logo"><span>Web</span>Goat</a>
|
||||
<a href="${pageContext.request.contextPath}/welcome.mvc" class="logo"><span>Web</span>Goat</a>
|
||||
</div>
|
||||
<!--logo end-->
|
||||
<div class="toggle-navigation toggle-left">
|
||||
@ -66,6 +66,8 @@
|
||||
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Role: ${role}</a>
|
||||
</li>
|
||||
<li role="presentation" class="divider"></li>
|
||||
<li role="presentation"><a role="menuitem" tabindex="-1" href="#developer-controls">Show developer
|
||||
controls</a></li>
|
||||
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">${version}</a>
|
||||
</li>
|
||||
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Build:
|
||||
@ -150,6 +152,13 @@
|
||||
<h4>Params</h4>
|
||||
</div>
|
||||
</div>
|
||||
<div align="left">
|
||||
<h3>Developer controls</h3>
|
||||
</div>
|
||||
<hr />
|
||||
<div id="developer-controls">
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
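Review bot: The `Show developer controls` entry added in the `-66,6 +66,8` hunk is rendered for every signed-in user, directly below the `Role: ${role}` item, with no condition on that role. Hiding a menu entry is not access control in any case, so the plugin-reload and label-debug services behind these controls need their own server-side role check, which is not visible on this page. If the menu is meant for developers only, wrap the `<li>` in a role test and state the intent in a comment such as `<!-- developer-only: services enforce the role server-side -->`. Separately, the DeveloperControlsView source shown on this page toggles `#developer-control-container`, while the `-150,6 +152,13` hunk only adds `id="developer-controls"`; confirm the container id exists in the part of the template outside the hunks.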
@ -6,7 +6,7 @@
|
||||
# lesson.BlindScript.hidden=true;
|
||||
#
|
||||
# These lesson need to be refactored
|
||||
lesson.BasicAuthentication.hidden=true
|
||||
lesson.BasicAuthentication.hidden=false
|
||||
lesson.BlindScript.hidden=true
|
||||
lesson.RemoteAdminFlaw.hidden=true
|
||||
lesson.HttpSplitting.hidden=true
|
||||
|
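Review bot: `lesson.BasicAuthentication.hidden=false` now sits under the comment `# These lesson need to be refactored`, so the file lists the lesson as pending refactoring while also exposing it. If the lesson is ready, remove the entry or move it above that comment, assuming lessons are visible by default (not shown here). If it is only enabled for testing, say so on the line before it, for example `# temporarily shown for testing; still to be refactored`.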
@ -1,18 +0,0 @@
|
||||
#lesson.BufferOverflow.hidden=true
|
||||
#
|
||||
#
|
||||
# Hide lessons using name of source file,
|
||||
# For Example: BlindScript.java
|
||||
# lesson.BlindScript.hidden=true;
|
||||
#
|
||||
# These lesson need to be refactored
|
||||
lesson.BasicAuthentication.hidden=true
|
||||
lesson.BlindScript.hidden=true
|
||||
lesson.RemoteAdminFlaw.hidden=true
|
||||
lesson.HttpSplitting.hidden=true
|
||||
lesson.SameOriginPolicyProtection.hidden=true
|
||||
lesson.SilentTransactions.hidden=true
|
||||
lesson.TraceXSS.hidden=true
|
||||
lesson.DBSQLInjection.hidden=true
|
||||
lesson.DBCrossSiteScripting.hidden=true
|
||||
lesson.ForcedBrowsing.hidden=true
|
@ -1,39 +0,0 @@
|
||||
define([
|
||||
'backbone'],
|
||||
function(
|
||||
Backbone) {
|
||||
return Backbone.Model.extend({
|
||||
id: 'label-status',
|
||||
url: 'service/debug/labels.mvc',
|
||||
|
||||
label: '',
|
||||
labels: {
|
||||
enable: 'Enable label debugging',
|
||||
disable: 'Disable label debugging'
|
||||
},
|
||||
|
||||
initialize: function() {
|
||||
this.load();
|
||||
},
|
||||
|
||||
fetch: function(options) {
|
||||
options || (options = {});
|
||||
var data = (options.data || {});
|
||||
if(this.enabled != undefined) {
|
||||
options.data = { enabled: !this.enabled };
|
||||
}
|
||||
return Backbone.Collection.prototype.fetch.call(this, options);
|
||||
},
|
||||
|
||||
load: function () {
|
||||
this.fetch().then(this.labelStatusLoaded.bind(this));
|
||||
},
|
||||
|
||||
labelStatusLoaded: function(data) {
|
||||
this.enabled = data.enabled;
|
||||
this.label = this.enabled ? this.labels['disable'] : this.labels['enable'];
|
||||
this.trigger('plugins:loaded', this, data);
|
||||
}
|
||||
|
||||
});
|
||||
});
|
@ -1,13 +0,0 @@
|
||||
define(['jquery',
|
||||
'underscore',
|
||||
'backbone'],
|
||||
function ($,
|
||||
_,
|
||||
Backbone) {
|
||||
return Backbone.Model.extend({
|
||||
url: 'service/lessonprogress.mvc',
|
||||
completed: function () {
|
||||
this.fetch();
|
||||
}
|
||||
});
|
||||
});
|
@ -1,19 +0,0 @@
|
||||
define([
|
||||
'backbone'],
|
||||
function(
|
||||
Backbone) {
|
||||
return Backbone.Model.extend({
|
||||
url: 'service/reloadplugins.mvc',
|
||||
id: 'reload-plugins',
|
||||
label: 'Reload plugins',
|
||||
|
||||
load: function () {
|
||||
this.fetch().then(this.pluginsLoaded.bind(this));
|
||||
},
|
||||
|
||||
pluginsLoaded: function(data) {
|
||||
this.trigger('plugins:loaded', this, data);
|
||||
}
|
||||
|
||||
});
|
||||
});
|
@ -1,77 +0,0 @@
|
||||
define(['jquery',
|
||||
'underscore',
|
||||
'backbone',
|
||||
'goatApp/model/PluginReloadModel',
|
||||
'goatApp/model/LabelDebugModel'],
|
||||
function(
|
||||
$,
|
||||
_,
|
||||
Backbone,
|
||||
PluginReloadModel,
|
||||
LabelDebugModel) {
|
||||
return Backbone.View.extend({
|
||||
el: '#developer-controls',
|
||||
|
||||
onControlClick: function(model) {
|
||||
$('#' + model.id).find('td').text('Loading...');
|
||||
model.load();
|
||||
},
|
||||
|
||||
onPluginsLoaded: function(model) {
|
||||
window.location.href = 'welcome.mvc';
|
||||
},
|
||||
|
||||
onLabelsLoaded: function(model) {
|
||||
this.models[1] = model;
|
||||
this.render();
|
||||
Backbone.history.loadUrl(Backbone.history.getFragment());
|
||||
},
|
||||
|
||||
initialize: function(options) {
|
||||
this.addMenuListener();
|
||||
this.models = [new PluginReloadModel(), new LabelDebugModel()];
|
||||
this.listenTo(this.models[0], 'plugins:loaded', this.onPluginsLoaded);
|
||||
this.listenTo(this.models[1], 'plugins:loaded', this.onLabelsLoaded);
|
||||
this.render();
|
||||
},
|
||||
|
||||
addMenuListener: function() {
|
||||
var showHandler = function(e) {
|
||||
e.preventDefault();
|
||||
$('#developer-control-container').show();
|
||||
$(this).text('Hide developer controls').off().on('click', hideHandler);
|
||||
};
|
||||
|
||||
var hideHandler = function(e) {
|
||||
e.preventDefault();
|
||||
$('#developer-control-container').hide();
|
||||
$(this).text('Show developer controls').off().on('click', showHandler);
|
||||
};
|
||||
|
||||
$('a[href="#developer-controls"]').click(showHandler);
|
||||
},
|
||||
|
||||
render: function() {
|
||||
this.$el.html('');
|
||||
var table = $('<table>',{'class':'developer-controls-table table-nonfluid'});
|
||||
var self = this;
|
||||
_.each(this.models, function(model) {
|
||||
var newRow = $('<tr>', { id: model.id });
|
||||
var headerCell = $('<th>')
|
||||
var statusCell = $('<td>')
|
||||
|
||||
var link = $('<a>', {
|
||||
'text': model.label,
|
||||
'title': model.label
|
||||
});
|
||||
link.click(_.bind(self.onControlClick, self, model));
|
||||
|
||||
newRow.append(headerCell.append(link));
|
||||
newRow.append(statusCell);
|
||||
table.append(newRow);
|
||||
});
|
||||
|
||||
this.$el.append(table);
|
||||
}
|
||||
});
|
||||
});
|
@ -1,26 +0,0 @@
|
||||
define(['jquery',
|
||||
'underscore',
|
||||
'backbone',
|
||||
'goatApp/model/LessonProgressModel'],
|
||||
function ($,
|
||||
_,
|
||||
Backbone,
|
||||
LessonProgressModel) {
|
||||
return Backbone.View.extend({
|
||||
el: '#lesson-progress',
|
||||
initialize: function (lessonProgressModel) {
|
||||
this.model = lessonProgressModel;
|
||||
|
||||
if (this.model) {
|
||||
this.listenTo(this.model, 'change', this.render);
|
||||
}
|
||||
},
|
||||
render: function () {
|
||||
if (this.model.get("lessonCompleted")) {
|
||||
this.$el.html(this.model.get('successMessage'));
|
||||
} else {
|
||||
this.$el.html("");
|
||||
}
|
||||
}
|
||||
});
|
||||
});
|