From 94caba7eb14917b709e346b73adef4eb088a31f8 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Wed, 13 Sep 2017 00:22:52 +0200
Subject: [PATCH] Landing page incoming requests now look whether the referer
 is WebGoat (all incoming requests from WebGoat will now be logged)

---
 .../org/owasp/webwolf/requests/WebWolfTraceRepository.java    | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/webwolf/src/main/java/org/owasp/webwolf/requests/WebWolfTraceRepository.java b/webwolf/src/main/java/org/owasp/webwolf/requests/WebWolfTraceRepository.java
index 7f341d606..22c8e6d61 100644
--- a/webwolf/src/main/java/org/owasp/webwolf/requests/WebWolfTraceRepository.java
+++ b/webwolf/src/main/java/org/owasp/webwolf/requests/WebWolfTraceRepository.java
@@ -58,8 +58,8 @@ public class WebWolfTraceRepository implements TraceRepository {
     @Override
     public void add(Map<String, Object> map) {
         Optional<String> host = getFromHeaders("host", map);
-        String path = (String) map.getOrDefault("path", "");
-        if (host.isPresent() && ("/".equals(path) || path.contains("challenge"))) {
+        Optional<String> referer = getFromHeaders("referer", map);
+        if (host.isPresent() && referer.orElse("").contains("WebGoat")) {
             Optional<String> cookie = getFromHeaders("cookie", map);
             cookie.ifPresent(c -> {
                 Optional<String> user = findUserBasedOnCookie(c);