dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

temp fix

Browse Source
This commit is contained in:
Jason White 2016-10-11 09:20:39 -04:00
parent 829dcd2b29
commit 7d2f1f0a3a
3 changed files with 19 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
webgoat-container/src/main/java/org/owasp/webgoat/controller/StartLesson.java
View File

@ -30,6 +30,8 @@
*/ */
package org.owasp.webgoat.controller; package org.owasp.webgoat.controller;
import com.google.gson.JsonObject;
import org.json.JSONObject;
import org.owasp.webgoat.lessons.AbstractLesson; import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.lessons.RandomLessonAdapter; import org.owasp.webgoat.lessons.RandomLessonAdapter;
import org.owasp.webgoat.plugins.YmlBasedLesson; import org.owasp.webgoat.plugins.YmlBasedLesson;
@ -44,6 +46,7 @@ import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import java.util.List; import java.util.List;
import java.util.Map;
import java.util.Optional; import java.util.Optional;
@ -91,4 +94,5 @@ public class StartLesson {
model.addObject("lesson", lesson.get()); model.addObject("lesson", lesson.get());
return model; return model;
} }
} }

2
webgoat-container/src/main/java/org/owasp/webgoat/lessons/Attack.java
View File

@ -1,5 +1,6 @@
package org.owasp.webgoat.lessons; package org.owasp.webgoat.lessons;
import org.owasp.webgoat.lessons.model.AttackResult; import org.owasp.webgoat.lessons.model.AttackResult;
/** /**
@ -34,4 +35,5 @@ import org.owasp.webgoat.lessons.model.AttackResult;
public interface Attack { public interface Attack {
AttackResult attack(); AttackResult attack();
} }

13
webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
View File

@ -49,17 +49,30 @@ define(['jquery',
this.$el.find(this.$contentPages[this.currentPage]).show(); this.$el.find(this.$contentPages[this.currentPage]).show();
this.addPaginationControls(); this.addPaginationControls();
} }
makeFormsAjax: function() {
var options = {
success:this.onAttackExecution.bind(this),
url: this.model.urlRoot.replace('\.lesson','.attack'),
type:'GET'
// $.ajax options can be used here too, for example:
//timeout: 3000
};
//hook forms //TODO: clarify form selectors later
$("form.attack-form").ajaxForm(options);
}, },
ajaxifyAttackHref: function() { // rewrite any links with hrefs point to relative attack URLs ajaxifyAttackHref: function() { // rewrite any links with hrefs point to relative attack URLs
var self = this; var self = this;
// The current LessonAdapter#getLink() generates a hash-mark link. It will not match the mask below. // The current LessonAdapter#getLink() generates a hash-mark link. It will not match the mask below.
// Besides, the new MVC code registers an event handler that will reload the lesson according to the route. // Besides, the new MVC code registers an event handler that will reload the lesson according to the route.
$('form').submit(function(event){ $('form').submit(function(event){
$.get(this.action, "json") $.get(this.action, "json")
//.done(self.reLoadView.bind(self)) //.done(self.reLoadView.bind(self))
.fail(function() { alert("failed to GET " + url); }); .fail(function() { alert("failed to GET " + url); });
}); });
}, },
onAttackExecution: function(feedback) { onAttackExecution: function(feedback) {