dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed hardcoded webgoat path for URLs

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@367 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64
2008-11-21 16:57:23 +00:00
parent c0d2d13e5a
commit 7998e60f29
68 changed files with 592 additions and 592 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
main/project/JavaSource/org/owasp/webgoat/lessons/Challenge2Screen.java
View File

@ -386,11 +386,11 @@ public class Challenge2Screen extends SequentialLessonAdapter
// show webgoat.jsp text
ec.addElement(new H1().addElement("Original Website Text"));
ec.addElement(new IFrame().setHeight("500").setWidth("100%").setSrc("/WebGoat/" + WEBGOAT_CHALLENGE_JSP));
ec.addElement(new IFrame().setHeight("500").setWidth("100%").setSrc(s.getRequest().getContextPath() + "/" + WEBGOAT_CHALLENGE_JSP));
ec.addElement(new HR());
ec.addElement(new H1().addElement("Defaced Website Text"));
ec.addElement(new IFrame().setHeight("500").setWidth("100%").setSrc(
"/WebGoat/" + WEBGOAT_CHALLENGE + "_"
s.getRequest().getContextPath() + "/" + WEBGOAT_CHALLENGE + "_"
+ s.getUserName() + JSP));
ec.addElement(new HR());

6
main/project/JavaSource/org/owasp/webgoat/lessons/WSDLScanning.java
View File

@ -136,7 +136,7 @@ public class WSDLScanning extends LessonAdapter
return "WSDL Scanning";
}
public Object accessWGService(String serv, int port, String proc, String parameterName, Object parameterValue)
public Object accessWGService(WebSession s, String serv, int port, String proc, String parameterName, Object parameterValue)
{
String targetNamespace = "WebGoat";
try
@ -150,7 +150,7 @@ public class WSDLScanning extends LessonAdapter
call.setReturnType(XMLType.XSD_STRING);
call.setUsername("guest");
call.setPassword("guest");
call.setTargetEndpointAddress("http://localhost:" + port + "/WebGoat/services/" + serv);
call.setTargetEndpointAddress("http://localhost:" + port + "/" + s.getRequest().getContextPath() + "/services/" + serv);
Object result = call.invoke(new Object[] { parameterValue });
return result;
} catch (RemoteException e)
@ -214,7 +214,7 @@ public class WSDLScanning extends LessonAdapter
for (int i = 0; i < fields.length; i++)
{
header.addElement(new TD().addElement(fields[i]));
results.addElement(new TD().addElement((String) accessWGService("WSDLScanning", port, fields[i],
results.addElement(new TD().addElement((String) accessWGService(s, "WSDLScanning", port, fields[i],
"acct_num", new Integer(id))));
}
if (fields.length == 0)

4
main/project/JavaSource/org/owasp/webgoat/util/Interceptor.java
View File

@ -123,8 +123,8 @@ public class Interceptor implements Filter
String url = req.getRequestURL().toString();
RequestDispatcher disp = req.getRequestDispatcher(url.substring(url.lastIndexOf("WebGoat/")
+ "WebGoat".length()));
RequestDispatcher disp = req.getRequestDispatcher(url.substring(url.lastIndexOf(req.getContextPath() + "/")
+ req.getContextPath().length()));
disp.forward(request, response);