From 7fd112bc5dea9b061b864176266398da3fb0a37a Mon Sep 17 00:00:00 2001 From: "rogan.dawes" Date: Wed, 25 Jul 2007 12:55:49 +0000 Subject: [PATCH] Update Random Access Lessons to not include the stage number in the text We add the stage number programmatically now, since we want to be able to skip some stages. git-svn-id: http://webgoat.googlecode.com/svn/trunk@205 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../CrossSiteScripting/CrossSiteScripting.java | 12 ++++++------ .../DBCrossSiteScripting/DBCrossSiteScripting.java | 4 ++-- .../lessons/DBSQLInjection/DBSQLInjection.java | 4 ++-- .../RoleBasedAccessControl.java | 8 ++++---- .../webgoat/lessons/SQLInjection/SQLInjection.java | 8 ++++---- webgoat/main/project/WebContent/main.jsp | 2 +- 6 files changed, 19 insertions(+), 19 deletions(-) diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java index ad37d3e92..09489f9e6 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java @@ -54,17 +54,17 @@ public class CrossSiteScripting extends GoatHillsFinancial { private final static Integer DEFAULT_RANKING = new Integer(100); - public final static String STAGE1 = "Stage 1: Stored XSS"; + public final static String STAGE1 = "Stored XSS"; - public final static String STAGE2 = "Stage 2: Block Stored XSS using Input Validation"; + public final static String STAGE2 = "Block Stored XSS using Input Validation"; - public final static String STAGE3 = "Stage 3: Stored XSS Revisited"; + public final static String STAGE3 = "Stored XSS Revisited"; - public final static String STAGE4 = "Stage 4: Block Stored XSS using Output Encoding"; + public final static String STAGE4 = "Block Stored XSS using Output Encoding"; - public final static String STAGE5 = "Stage 5: Reflected XSS"; + public final static String STAGE5 = "Reflected XSS"; - public final static String STAGE6 = "Stage 6: Block Reflected XSS"; + public final static String STAGE6 = "Block Reflected XSS"; protected void registerActions(String className) { diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java index c430ae1f9..cf2eea621 100755 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java @@ -56,9 +56,9 @@ public class DBCrossSiteScripting extends GoatHillsFinancial { private final static Integer DEFAULT_RANKING = new Integer(100); - public final static String STAGE1 = "Stage 1: Stored XSS"; + public final static String STAGE1 = "Stored XSS"; - public final static String STAGE2 = "Stage 2: Block Stored XSS using DB Input Validation"; + public final static String STAGE2 = "Block Stored XSS using DB Input Validation"; protected void registerActions(String className) { diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java index 851c398db..b601de862 100755 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java @@ -57,9 +57,9 @@ public class DBSQLInjection extends GoatHillsFinancial public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew"; - public final static String STAGE1 = "Stage 1: String SQL Injection"; + public final static String STAGE1 = "String SQL Injection"; - public final static String STAGE2 = "Stage 2: Block SQL Injection using Bind Variables"; + public final static String STAGE2 = "Block SQL Injection using Bind Variables"; public void registerActions(String className) { diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java index 3d52765ae..c58f81d89 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java @@ -52,13 +52,13 @@ public class RoleBasedAccessControl extends GoatHillsFinancial { private final static Integer DEFAULT_RANKING = new Integer(125); - public final static String STAGE1 = "Stage 1: Break Functional Access Control"; + public final static String STAGE1 = "Break Functional Access Control"; - public final static String STAGE2 = "Stage 2: Add Business Layer Access Control"; + public final static String STAGE2 = "Add Business Layer Access Control"; - public final static String STAGE3 = "Stage 3: Break Data Layer Access Control"; + public final static String STAGE3 = "Break Data Layer Access Control"; - public final static String STAGE4 = "Stage 4: Add Data Layer Access Control"; + public final static String STAGE4 = "Add Data Layer Access Control"; protected void registerActions(String className) { registerAction(new ListStaff(this, className, LISTSTAFF_ACTION)); diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java index 8a4f49331..b8adbe977 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java @@ -55,13 +55,13 @@ public class SQLInjection extends GoatHillsFinancial public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew"; - public final static String STAGE1 = "Stage 1: String SQL Injection"; + public final static String STAGE1 = "String SQL Injection"; - public final static String STAGE2 = "Stage 2: Parameterized Query #1"; + public final static String STAGE2 = "Parameterized Query #1"; - public final static String STAGE3 = "Stage 3: Numeric SQL Injection"; + public final static String STAGE3 = "Numeric SQL Injection"; - public final static String STAGE4 = "Stage 4: Parameterized Query #2"; + public final static String STAGE4 = "Parameterized Query #2"; public void registerActions(String className) { diff --git a/ webgoat/main/project/WebContent/main.jsp b/ webgoat/main/project/WebContent/main.jsp index 9d185d45e..d9f31e1f9 100644 --- a/ webgoat/main/project/WebContent/main.jsp +++ b/ webgoat/main/project/WebContent/main.jsp @@ -100,7 +100,7 @@ StringBuffer buildList = new StringBuffer(); String[] stages = rla.getStages(); for (int i=0; i - <%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%><%=stages[i] %> + <%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%>Stage <%=i+1%>: <%=stages[i] %> <% }