show lesson solution
This commit is contained in:
lawson89@gmail.com
@ -129,6 +129,7 @@ public class HammerHead extends HttpServlet {
|
||||
// FIXME: If a response is written by updateSession(), do not
|
||||
// call makeScreen() and writeScreen()
|
||||
mySession = updateSession(request, response, context);
|
||||
|
||||
if (response.isCommitted()) {
|
||||
logger.debug("Response already committed, exiting");
|
||||
return;
|
||||
|
||||
@ -30,13 +30,16 @@
|
||||
*/
|
||||
package org.owasp.webgoat.service;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import javax.servlet.http.Cookie;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import org.owasp.webgoat.lessons.model.RequestParameter;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
*
|
||||
@ -58,4 +61,23 @@ public class CookieService extends BaseService {
|
||||
List<Cookie> cookies = ws.getCookiesOnLastRequest();
|
||||
return cookies;
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns cookies and params for current lesson
|
||||
*
|
||||
* @param session
|
||||
* @return
|
||||
*/
|
||||
@RequestMapping(value = "/cookies_widget.mvc", produces = "text/html")
|
||||
public ModelAndView showCookiesAndParamsAsHtml(HttpSession session) {
|
||||
ModelAndView model = new ModelAndView();
|
||||
WebSession ws = getWebSession(session);
|
||||
List<Cookie> cookies = ws.getCookiesOnLastRequest();
|
||||
List<RequestParameter> listParms = ws.getParmsOnLastRequest();
|
||||
Collections.sort(listParms);
|
||||
model.addObject("wgcookies", cookies);
|
||||
model.addObject("wgparams", listParms);
|
||||
model.setViewName("widgets/cookies_and_params");
|
||||
return model;
|
||||
}
|
||||
}
|
||||
|
||||
@ -14,6 +14,7 @@ import org.owasp.webgoat.session.WebSession;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.ResponseBody;
|
||||
import org.springframework.web.servlet.ModelAndView;
|
||||
|
||||
/**
|
||||
*
|
||||
@ -53,4 +54,33 @@ public class HintService extends BaseService {
|
||||
}
|
||||
return listHints;
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/hint_widget.mvc", produces = "text/html")
|
||||
public
|
||||
ModelAndView showHintsAsHtml(HttpSession session) {
|
||||
ModelAndView model = new ModelAndView();
|
||||
List<Hint> listHints = new ArrayList<Hint>();
|
||||
model.addObject("hints", listHints);
|
||||
WebSession ws = getWebSession(session);
|
||||
AbstractLesson l = ws.getCurrentLesson();
|
||||
if (l == null) {
|
||||
return model;
|
||||
}
|
||||
List<String> hints;
|
||||
hints = l.getHintsPublic(ws);
|
||||
if (hints == null) {
|
||||
return model;
|
||||
}
|
||||
int idx = 0;
|
||||
for (String h : hints) {
|
||||
Hint hint = new Hint();
|
||||
hint.setHint(h);
|
||||
hint.setLesson(l.getName());
|
||||
hint.setNumber(idx);
|
||||
listHints.add(hint);
|
||||
idx++;
|
||||
}
|
||||
model.setViewName("widgets/hints");
|
||||
return model;
|
||||
}
|
||||
}
|
||||
|
||||
@ -54,14 +54,15 @@ public class LessonPlanService extends BaseService {
|
||||
* @param session
|
||||
* @return
|
||||
*/
|
||||
@RequestMapping(value = "/lessonplan.mvc", produces = "application/json")
|
||||
@RequestMapping(value = "/lessonplan.mvc", produces = "application/html")
|
||||
public @ResponseBody
|
||||
SourceListing showSource(HttpSession session) {
|
||||
String showPlan(HttpSession session) {
|
||||
WebSession ws = getWebSession(session);
|
||||
String source = getSource(ws);
|
||||
SourceListing sl = new SourceListing();
|
||||
sl.setSource(source);
|
||||
return sl;
|
||||
String plan = getPlan(ws);
|
||||
return plan;
|
||||
//SourceListing sl = new SourceListing();
|
||||
//sl.setSource(source);
|
||||
//return sl;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -70,9 +71,9 @@ public class LessonPlanService extends BaseService {
|
||||
* @param s Description of the Parameter
|
||||
* @return Description of the Return Value
|
||||
*/
|
||||
protected String getSource(WebSession s) {
|
||||
protected String getPlan(WebSession s) {
|
||||
|
||||
String source = null;
|
||||
String plan = null;
|
||||
int scr = s.getCurrentScreen();
|
||||
Course course = s.getCourse();
|
||||
|
||||
@ -81,14 +82,12 @@ public class LessonPlanService extends BaseService {
|
||||
AbstractLesson lesson = course.getLesson(s, scr, AbstractLesson.USER_ROLE);
|
||||
|
||||
if (lesson != null) {
|
||||
source = lesson.getRawSource(s);
|
||||
plan = lesson.getLessonPlan(s);
|
||||
}
|
||||
}
|
||||
if (source == null) {
|
||||
return "Source code is not available. Contact "
|
||||
+ s.getWebgoatContext().getFeedbackAddressHTML();
|
||||
if (plan == null) {
|
||||
plan = "Plan is not available for this lesson.";
|
||||
}
|
||||
return (source.replaceAll("(?s)" + START_SOURCE_SKIP + ".*" + END_SOURCE_SKIP,
|
||||
"Code Section Deliberately Omitted"));
|
||||
return plan;
|
||||
}
|
||||
}
|
||||
|
||||
@ -33,7 +33,6 @@ package org.owasp.webgoat.service;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import javax.servlet.http.HttpSession;
|
||||
import org.owasp.webgoat.lessons.model.RequestParameter;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
@ -61,9 +60,8 @@ public class ParameterService extends BaseService {
|
||||
@RequestMapping(value = "/parameter.mvc", produces = "application/json")
|
||||
public @ResponseBody
|
||||
List<RequestParameter> showParameters(HttpSession session) {
|
||||
List<RequestParameter> listParms = new ArrayList<RequestParameter>();
|
||||
WebSession ws = getWebSession(session);
|
||||
listParms = ws.getParmsOnLastRequest();
|
||||
List<RequestParameter> listParms = ws.getParmsOnLastRequest();
|
||||
Collections.sort(listParms);
|
||||
return listParms;
|
||||
}
|
||||
|
||||
@ -34,7 +34,6 @@ import javax.servlet.http.HttpSession;
|
||||
import static org.owasp.webgoat.LessonSource.END_SOURCE_SKIP;
|
||||
import static org.owasp.webgoat.LessonSource.START_SOURCE_SKIP;
|
||||
import org.owasp.webgoat.lessons.AbstractLesson;
|
||||
import org.owasp.webgoat.lessons.model.SourceListing;
|
||||
import org.owasp.webgoat.session.Course;
|
||||
import org.owasp.webgoat.session.WebSession;
|
||||
import org.springframework.stereotype.Controller;
|
||||
@ -54,14 +53,18 @@ public class SourceService extends BaseService {
|
||||
* @param session
|
||||
* @return
|
||||
*/
|
||||
@RequestMapping(value = "/source.mvc", produces = "application/json")
|
||||
@RequestMapping(value = "/source.mvc", produces = "application/text")
|
||||
public @ResponseBody
|
||||
SourceListing showSource(HttpSession session) {
|
||||
String showSource(HttpSession session) {
|
||||
WebSession ws = getWebSession(session);
|
||||
String source = getSource(ws);
|
||||
SourceListing sl = new SourceListing();
|
||||
sl.setSource(source);
|
||||
return sl;
|
||||
if (source == null) {
|
||||
source = "No source listing found";
|
||||
}
|
||||
return source;
|
||||
//SourceListing sl = new SourceListing();
|
||||
//sl.setSource(source);
|
||||
//return sl;
|
||||
}
|
||||
|
||||
/**
|
||||
@ -85,8 +88,7 @@ public class SourceService extends BaseService {
|
||||
}
|
||||
}
|
||||
if (source == null) {
|
||||
return "Source code is not available. Contact "
|
||||
+ s.getWebgoatContext().getFeedbackAddressHTML();
|
||||
return "Source code is not available for this lesson.";
|
||||
}
|
||||
return (source.replaceAll("(?s)" + START_SOURCE_SKIP + ".*" + END_SOURCE_SKIP,
|
||||
"Code Section Deliberately Omitted"));
|
||||
|
||||
Reference in New Issue
Block a user