dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove unnecessary setMessage() calls

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@200 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes 2007-07-18 13:37:24 +00:00
parent f831487fa2
commit a2f99be11a
12 changed files with 6 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/FindProfile.java
View File

@ -101,7 +101,6 @@ public class FindProfile extends DefaultLessonAction
&& searchName.indexOf("alert") > -1
&& searchName.indexOf("</script>") > -1)
{
s.setMessage("Welcome to stage 6 - more input validation");
setStageComplete(s, CrossSiteScripting.STAGE5);
}
}

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/UpdateProfile.java
View File

@ -84,7 +84,6 @@ public class UpdateProfile extends DefaultLessonAction
if (CrossSiteScripting.STAGE2.equals(getStage(s)))
{
setStageComplete(s, CrossSiteScripting.STAGE2);
s.setMessage("Welcome to stage 3 - demonstrate Stored XSS again");
}
throw e;
}

5
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CrossSiteScripting/ViewProfile.java
View File

@ -221,7 +221,6 @@ public class ViewProfile extends DefaultLessonAction
&& address1.indexOf("</script>") > -1)
{
setStageComplete(s, CrossSiteScripting.STAGE1);
s.setMessage("Welcome to stage 2 - implement input validation");
}
}
else if (CrossSiteScripting.STAGE3.equals(stage))
@ -231,8 +230,6 @@ public class ViewProfile extends DefaultLessonAction
&& address2.indexOf("alert") > -1
&& address2.indexOf("</script>") > -1)
{
s
.setMessage("Welcome to stage 4 - implement output encoding");
setStageComplete(s, CrossSiteScripting.STAGE3);
}
}
@ -240,8 +237,6 @@ public class ViewProfile extends DefaultLessonAction
{
if (employee.getAddress1().toLowerCase().indexOf("&lt;") > -1)
{
s
.setMessage("Welcome to stage 5 - demonstrate reflected XSS");
setStageComplete(s, CrossSiteScripting.STAGE4);
}
}

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBCrossSiteScripting/UpdateProfile.java
View File

@ -128,8 +128,6 @@ public class UpdateProfile extends DefaultLessonAction
if (DBCrossSiteScripting.STAGE2.equals(getStage(s)) && e.getMessage().contains("ORA-06512") &&
!employee.getAddress1().matches("^[a-zA-Z0-9,\\. ]{0,80}$"))
{
s
.setMessage("You have successfully completed this lesson");
setStageComplete(s, DBCrossSiteScripting.STAGE2);
}

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DBSQLInjection/Login.java
View File

@ -175,7 +175,6 @@ public class Login extends DefaultLessonAction
statement.setString(2, password);
statement.execute();
setStageComplete(s, DBSQLInjection.STAGE2);
s.setMessage("Congratulations, you have completed " + DBSQLInjection.STAGE2);
}
catch (SQLException sqle2){}
}

9
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RandomLessonAdapter.java
View File

@ -22,13 +22,16 @@ public abstract class RandomLessonAdapter extends LessonAdapter {
if (lt.getCompleted()) {
s.setMessage("Congratulations, you have completed this lab");
} else {
String message = "You have completed " + stage + ".";
s.setMessage("You have completed " + stage + ".");
if (! stage.equals(lt.getStage()))
message = message + " Welcome to " + lt.getStage();
s.setMessage(message);
s.setMessage(" Welcome to " + lt.getStage());
}
}
public boolean isStageComplete(WebSession s, String stage) {
return getLessonTracker(s).hasCompleted(stage);
}
@Override
public RandomLessonTracker getLessonTracker(WebSession s) {
return (RandomLessonTracker) super.getLessonTracker(s);

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/DeleteProfile.java
View File

@ -170,7 +170,6 @@ public class DeleteProfile extends DefaultLessonAction
RoleBasedAccessControl.DELETEPROFILE_ACTION))
{
setStageComplete(s, RoleBasedAccessControl.STAGE1);
s.setMessage("Welcome to stage 2 -- protecting the business layer");
}
}
catch (ParameterNotFoundException e)

4
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/RoleBasedAccessControl.java
View File

@ -241,7 +241,6 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
!isAuthorized(s, getUserId(s), RoleBasedAccessControl.DELETEPROFILE_ACTION))
{
setStageComplete(s, STAGE2);
s.setMessage( "Welcome to stage 3 -- exploiting the data layer" );
}
} catch (ParameterNotFoundException pnfe)
{
@ -263,7 +262,6 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
if (!action.isAuthorizedForEmployee(s, userId, employeeId))
{
s.setMessage("Congratulations. You have successfully completed this lesson.");
setStageComplete(s, STAGE4);
}
} catch (Exception e)
@ -376,7 +374,6 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
if (RoleBasedAccessControl.DELETEPROFILE_ACTION.equals(requestedActionName) &&
!isAuthorized(s, getUserId(s), RoleBasedAccessControl.DELETEPROFILE_ACTION))
{
s.setMessage( "Welcome to stage 3 -- exploiting the data layer" );
setStageComplete(s, STAGE2);
}
} catch (ParameterNotFoundException pnfe)
@ -399,7 +396,6 @@ public class RoleBasedAccessControl extends GoatHillsFinancial
if (!action.isAuthorizedForEmployee(s, userId, employeeId))
{
s.setMessage("Congratulations. You have successfully completed this lesson.");
setStageComplete(s, STAGE4);
}
} catch (Exception e)

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/RoleBasedAccessControl/ViewProfile.java
View File

@ -99,7 +99,6 @@ public class ViewProfile extends DefaultLessonAction
&& !isAuthorizedForEmployee(s, userId, employeeId))
{
setStageComplete(s, RoleBasedAccessControl.STAGE3);
s.setMessage("Welcome to stage 4 -- protecting the data layer");
}
}
catch (ParameterNotFoundException e)

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/Login.java
View File

@ -286,7 +286,6 @@ public class Login extends DefaultLessonAction
&& !isAuthenticated(s)
&& login_BACKUP(s, employeeId, password))
{
s.setMessage("Welcome to stage 3");
setStageComplete(s, SQLInjection.STAGE2);
}
}

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SQLInjection/ViewProfile.java
View File

@ -255,8 +255,6 @@ public class ViewProfile extends DefaultLessonAction
if (targetEmployee != null
&& targetEmployee.getId() == SQLInjection.PRIZE_EMPLOYEE_ID)
{
s
.setMessage("Congratulations. You have successfully completed this lesson");
setStageComplete(s, SQLInjection.STAGE4);
}
}

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/instructor/RoleBasedAccessControl/RoleBasedAccessControl_i.java
View File

@ -137,7 +137,6 @@ public class RoleBasedAccessControl_i extends RoleBasedAccessControl
!isAuthorized(s, getUserId(s), GoatHillsFinancial.DELETEPROFILE_ACTION))
{
setStageComplete(s, STAGE2);
s.setMessage( "Welcome to stage 3 -- exploiting the data layer" );
}
} catch (ParameterNotFoundException pnfe)
{
@ -159,7 +158,6 @@ public class RoleBasedAccessControl_i extends RoleBasedAccessControl
if (!action.isAuthorizedForEmployee(s, userId, employeeId))
{
s.setMessage("Congratulations. You have successfully completed this lesson.");
setStageComplete(s, STAGE4);
}
} catch (Exception e)