dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Random Access Lessons to not include the stage number in the text

Browse Source 
We add the stage number programmatically now, since we want to be able
to skip some stages.


git-svn-id: http://webgoat.googlecode.com/svn/trunk@205 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2007-07-25 12:55:49 +00:00
parent add34a24dc
commit 7fd112bc5d
6 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/CrossSiteScripting.java
View File

@ -54,17 +54,17 @@ public class CrossSiteScripting extends GoatHillsFinancial
{ {
private final static Integer DEFAULT_RANKING = new Integer(100); private final static Integer DEFAULT_RANKING = new Integer(100);
public final static String STAGE1 = "Stage 1: Stored XSS"; public final static String STAGE1 = "Stored XSS";
public final static String STAGE2 = "Stage 2: Block Stored XSS using Input Validation"; public final static String STAGE2 = "Block Stored XSS using Input Validation";
public final static String STAGE3 = "Stage 3: Stored XSS Revisited"; public final static String STAGE3 = "Stored XSS Revisited";
public final static String STAGE4 = "Stage 4: Block Stored XSS using Output Encoding"; public final static String STAGE4 = "Block Stored XSS using Output Encoding";
public final static String STAGE5 = "Stage 5: Reflected XSS"; public final static String STAGE5 = "Reflected XSS";
public final static String STAGE6 = "Stage 6: Block Reflected XSS"; public final static String STAGE6 = "Block Reflected XSS";
protected void registerActions(String className) protected void registerActions(String className)
{ {

4
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/DBCrossSiteScripting.java
View File

@ -56,9 +56,9 @@ public class DBCrossSiteScripting extends GoatHillsFinancial
{ {
private final static Integer DEFAULT_RANKING = new Integer(100); private final static Integer DEFAULT_RANKING = new Integer(100);
public final static String STAGE1 = "Stage 1: Stored XSS"; public final static String STAGE1 = "Stored XSS";
public final static String STAGE2 = "Stage 2: Block Stored XSS using DB Input Validation"; public final static String STAGE2 = "Block Stored XSS using DB Input Validation";
protected void registerActions(String className) protected void registerActions(String className)
{ {

4
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/DBSQLInjection.java
View File

@ -57,9 +57,9 @@ public class DBSQLInjection extends GoatHillsFinancial
public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew"; public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew";
public final static String STAGE1 = "Stage 1: String SQL Injection"; public final static String STAGE1 = "String SQL Injection";
public final static String STAGE2 = "Stage 2: Block SQL Injection using Bind Variables"; public final static String STAGE2 = "Block SQL Injection using Bind Variables";
public void registerActions(String className) public void registerActions(String className)
{ {

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java
View File

@ -52,13 +52,13 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
{ {
private final static Integer DEFAULT_RANKING = new Integer(125); private final static Integer DEFAULT_RANKING = new Integer(125);
public final static String STAGE1 = "Stage 1: Break Functional Access Control"; public final static String STAGE1 = "Break Functional Access Control";
public final static String STAGE2 = "Stage 2: Add Business Layer Access Control"; public final static String STAGE2 = "Add Business Layer Access Control";
public final static String STAGE3 = "Stage 3: Break Data Layer Access Control"; public final static String STAGE3 = "Break Data Layer Access Control";
public final static String STAGE4 = "Stage 4: Add Data Layer Access Control"; public final static String STAGE4 = "Add Data Layer Access Control";
protected void registerActions(String className) { protected void registerActions(String className) {
registerAction(new ListStaff(this, className, LISTSTAFF_ACTION)); registerAction(new ListStaff(this, className, LISTSTAFF_ACTION));

8
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/SQLInjection.java
View File

@ -55,13 +55,13 @@ public class SQLInjection extends GoatHillsFinancial
public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew"; public final static String PRIZE_EMPLOYEE_NAME = "Neville Bartholomew";
public final static String STAGE1 = "Stage 1: String SQL Injection"; public final static String STAGE1 = "String SQL Injection";
public final static String STAGE2 = "Stage 2: Parameterized Query #1"; public final static String STAGE2 = "Parameterized Query #1";
public final static String STAGE3 = "Stage 3: Numeric SQL Injection"; public final static String STAGE3 = "Numeric SQL Injection";
public final static String STAGE4 = "Stage 4: Parameterized Query #2"; public final static String STAGE4 = "Parameterized Query #2";
public void registerActions(String className) public void registerActions(String className)
{ {

2
webgoat/main/project/WebContent/main.jsp
View File

@ -100,7 +100,7 @@ StringBuffer buildList = new StringBuffer();
String[] stages = rla.getStages(); String[] stages = rla.getStages();
for (int i=0; i<stages.length; i++) { for (int i=0; i<stages.length; i++) {
%> %>
<tr><td align="right"><%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%><a href="<%=lesson.getLink() + "&stage=" + (i+1) %>"><%=stages[i] %></a> <tr><td align="right"><%=(rla.isStageComplete(webSession, stages[i]) ? lessonComplete : "")%><a href="<%=lesson.getLink() + "&stage=" + (i+1) %>">Stage <%=i+1%>: <%=stages[i] %></a>
</td></tr> </td></tr>
<% <%
} }