temp fix

2016-10-11 09:20:39 -04:00 · 2016-10-11 09:20:39 -04:00 · 7d2f1f0a3a
commit 7d2f1f0a3a
parent 829dcd2b29
3 changed files with 19 additions and 0 deletions
--- a/webgoat-container/src/main/java/org/owasp/webgoat/controller/StartLesson.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/controller/StartLesson.java
@ -30,6 +30,8 @@
 */
 package org.owasp.webgoat.controller;

+import com.google.gson.JsonObject;
+import org.json.JSONObject;
 import org.owasp.webgoat.lessons.AbstractLesson;
 import org.owasp.webgoat.lessons.RandomLessonAdapter;
 import org.owasp.webgoat.plugins.YmlBasedLesson;
@ -44,6 +46,7 @@ import org.springframework.web.servlet.ModelAndView;

 import javax.servlet.http.HttpServletRequest;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;


@ -91,4 +94,5 @@ public class StartLesson {
        model.addObject("lesson", lesson.get());
        return model;
    }
+
 }
--- a/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Attack.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/lessons/Attack.java
@ -1,5 +1,6 @@
 package org.owasp.webgoat.lessons;

+
 import org.owasp.webgoat.lessons.model.AttackResult;

 /**
@ -34,4 +35,5 @@ import org.owasp.webgoat.lessons.model.AttackResult;
 public interface Attack {

    AttackResult attack();
+
 }
--- a/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
+++ b/webgoat-container/src/main/resources/static/js/goatApp/view/LessonContentView.js
@ -49,17 +49,30 @@ define(['jquery',
                this.$el.find(this.$contentPages[this.currentPage]).show();
                this.addPaginationControls();
            }
+
+        makeFormsAjax: function() {
+            var options = {
+                success:this.onAttackExecution.bind(this),
+                url: this.model.urlRoot.replace('\.lesson','.attack'),
+                type:'GET'
+                // $.ajax options can be used here too, for example: 
+                //timeout:   3000 
+            };
+            //hook forms //TODO: clarify form selectors later
+            $("form.attack-form").ajaxForm(options);
        },

        ajaxifyAttackHref: function() {  // rewrite any links with hrefs point to relative attack URLs             
            var self = this;
            // The current LessonAdapter#getLink() generates a hash-mark link.  It will not match the mask below.
            // Besides, the new MVC code registers an event handler that will reload the lesson according to the route.
+
            $('form').submit(function(event){
                $.get(this.action, "json")
                    //.done(self.reLoadView.bind(self))
                    .fail(function() { alert("failed to GET " + url); });
            });
+            
        },

        onAttackExecution: function(feedback) {