LessonPlanService class.
* @@ -61,9 +59,6 @@ public class LessonPlanService extends BaseService { WebSession ws = getWebSession(session); String plan = getPlan(ws); return plan; - //SourceListing sl = new SourceListing(); - //sl.setSource(source); - //return sl; } /** @@ -73,15 +68,12 @@ public class LessonPlanService extends BaseService { * @return Description of the Return Value */ protected String getPlan(WebSession s) { - String plan = null; int scr = s.getCurrentScreen(); Course course = s.getCourse(); - if (s.isUser() || s.isChallenge()) { - + if (s.isUser() || s.isAdmin()) { AbstractLesson lesson = course.getLesson(s, scr, AbstractLesson.USER_ROLE); - if (lesson != null) { plan = lesson.getLessonPlan(s); } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/SolutionService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/SolutionService.java index 8b3187a1a..b91d153b4 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/SolutionService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/SolutionService.java @@ -29,7 +29,6 @@ */ package org.owasp.webgoat.service; -import javax.servlet.http.HttpSession; import org.owasp.webgoat.lessons.AbstractLesson; import org.owasp.webgoat.session.Course; import org.owasp.webgoat.session.WebSession; @@ -37,6 +36,8 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; +import javax.servlet.http.HttpSession; + /** *SolutionService class.
* @@ -67,23 +68,19 @@ public class SolutionService extends BaseService { * @return a {@link java.lang.String} object. */ protected String getSolution(WebSession s) { - String source = null; int scr = s.getCurrentScreen(); Course course = s.getCourse(); - if (s.isUser() || s.isChallenge()) { - + if (s.isUser() || s.isAdmin()) { AbstractLesson lesson = course.getLesson(s, scr, AbstractLesson.USER_ROLE); - if (lesson != null) { source = lesson.getSolution(s); } } if (source == null) { - return "Solution is not available. Contact " - + s.getWebgoatContext().getFeedbackAddressHTML(); + return "Solution is not available. Contact " + s.getWebgoatContext().getFeedbackAddressHTML(); } - return (source); + return source; } } diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/SourceService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/SourceService.java index 5cbadbbde..059eeb470 100644 --- a/webgoat-container/src/main/java/org/owasp/webgoat/service/SourceService.java +++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/SourceService.java @@ -75,15 +75,12 @@ public class SourceService extends BaseService { * @return Description of the Return Value */ protected String getSource(WebSession s) { - String source = null; int scr = s.getCurrentScreen(); Course course = s.getCourse(); - if (s.isUser() || s.isChallenge()) { - + if (s.isUser() || s.isAdmin()) { AbstractLesson lesson = course.getLesson(s, scr, AbstractLesson.USER_ROLE); - if (lesson != null) { source = lesson.getRawSource(s); } @@ -91,7 +88,7 @@ public class SourceService extends BaseService { if (source == null) { return "Source code is not available for this lesson."; } - return (source.replaceAll("(?s)" + START_SOURCE_SKIP + ".*" + END_SOURCE_SKIP, - "Code Section Deliberately Omitted")); + return source.replaceAll("(?s)" + START_SOURCE_SKIP + ".*" + END_SOURCE_SKIP, + "Code Section Deliberately Omitted"); } } diff --git a/webgoat-container/src/main/webapp/WEB-INF/webgoat.properties b/webgoat-container/src/main/webapp/WEB-INF/webgoat.properties index f96d0c4ec..761512785 100644 --- a/webgoat-container/src/main/webapp/WEB-INF/webgoat.properties +++ b/webgoat-container/src/main/webapp/WEB-INF/webgoat.properties @@ -10,7 +10,6 @@ lesson.BasicAuthentication.hidden=true lesson.BlindScript.hidden=true lesson.RemoteAdminFlaw.hidden=true lesson.HttpSplitting.hidden=true -lesson.BasicAuthentication.hidden=true lesson.SameOriginPolicyProtection.hidden=true lesson.SilentTransactions.hidden=true lesson.TraceXSS.hidden=true