dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

xxe path info (#670)

Browse Source 
* xxe path info aid added

* xxe path info aid added

*  changes to template file and hints

* added ssl test support for XXE

* added ssl test support for XXE

* restconfig replaced by httpsrelaxed

* processed review comments on hints and example
This commit is contained in:
René Zubcevic
2019-10-02 09:59:32 +02:00
committed by GitHub
parent 7536770769
commit 663224d06a
13 changed files with 152 additions and 52 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
webgoat-integration-tests/src/test/java/org/owasp/webgoat/JWTLessonTest.java
View File

@ -76,7 +76,7 @@ public class JWTLessonTest extends IntegrationTest {
String accessToken = RestAssured.given()
.when()
.config(restConfig)
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.get(url("/WebGoat/JWT/secret/gettoken"))
.then()
@ -87,7 +87,7 @@ public class JWTLessonTest extends IntegrationTest {
Assert.assertThat(
RestAssured.given()
.when()
.config(restConfig)
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.formParam("token", generateToken(secret))
.post(url("/WebGoat/JWT/secret"))
@ -101,7 +101,7 @@ public class JWTLessonTest extends IntegrationTest {
private void resetVotes() throws IOException {
String accessToken = RestAssured.given()
.when()
.config(restConfig)
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.get(url("/WebGoat/JWT/votings/login?user=Tom"))
.then()
@ -128,7 +128,7 @@ public class JWTLessonTest extends IntegrationTest {
Assert.assertThat(
RestAssured.given()
.when()
.config(restConfig)
.relaxedHTTPSValidation()
.cookie("JSESSIONID", getWebGoatCookie())
.cookie("access_token", replacedToken)
.post(url("/WebGoat/JWT/votings"))