Create directories ru/en/de and copy there plans of lessons. In ru-directory i put english files for translate them in future.

git-svn-id: http://webgoat.googlecode.com/svn/trunk@421 4033779f-a91e-0410-96ef-6bf7bf53c507
2011-05-22 11:22:28 +00:00
parent 77a6dd70a1
commit b22a537130
144 changed files with 2649 additions and 0 deletions
--- a/webgoat/src/main/webapp/lesson_plans/ru/JavaScriptValidation.html
+++ b/webgoat/src/main/webapp/lesson_plans/ru/JavaScriptValidation.html
@ -0,0 +1,14 @@
+<div align="Center">
+<p><b>Lesson Plan Title:</b> How to Bypass Client Side JavaScript Validation </p>
+</div>
+<p><b>Concept / Topic To Teach:</b> </p>
+
+Client-side validation should not be considered a secure means of validating parameters. These validations only help reduce the amount of server processing time for normal users who do not know the format of required input. Attackers can bypass these mechanisms easily in various ways. Any client-side validation should be duplicated on the server side. This will greatly reduce the likelihood of insecure parameter values being used in the application.
+
+<br>
+<p><b>General Goal(s):</b> </p>
+For this exercise, the web site requires that you follow certain rules when you fill out a form. The user should be able to break those rules, and send the website input that it wasn't expecting. <br>
+<!-- Start Instructions -->
+This website performs both client and server side validation.  For this exercise, your job is to break the client side validation and send the 
+ website input that it wasn't expecting. <b> You must break all 7 validators at the same time. </b>
+<!-- Stop Instructions -->