dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Allowed other criteria to solve lesson and provide some feedback for acceptable solutions

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@464 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64@gmail.com
2012-04-25 18:30:06 +00:00
parent 930195c115
commit 713c786dbf
1 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
webgoat/src/main/java/org/owasp/webgoat/lessons/DOMXSS.java
View File

@ -73,6 +73,10 @@ public class DOMXSS extends SequentialLessonAdapter
{
getLessonTracker(s).setStage(3);
s.setMessage("Stage 2 completed. ");
}
else
{
s.setMessage("Only <img onerror... attacks are recognized for success criteria");
}
return (ec);
@ -91,6 +95,16 @@ public class DOMXSS extends SequentialLessonAdapter
{
getLessonTracker(s).setStage(4);
s.setMessage("Stage 3 completed.");
} else if (attackString.toString().toLowerCase().indexOf("iframe") != -1
&& attackString.toString().toLowerCase().indexOf("onload") != -1
&& attackString.toString().toLowerCase().indexOf("alert") != -1)
{
getLessonTracker(s).setStage(3);
s.setMessage("Stage 3 completed. ");
}
else
{
s.setMessage("Only <iframe javascript/onload... attacks are recognized for success criteria");
}
return (ec);
}