From ba38b57a44cd891f815e7443045870326aa5955f Mon Sep 17 00:00:00 2001 From: "sherif.fathy" Date: Fri, 29 Dec 2006 16:43:59 +0000 Subject: [PATCH] Modified DOMInjection per Bruce's comments git-svn-id: http://webgoat.googlecode.com/svn/trunk@54 4033779f-a91e-0410-96ef-6bf7bf53c507 --- .../JavaSource/org/owasp/webgoat/lessons/DOMInjection.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java index 2de1c05e0..0e1eef35d 100644 --- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java +++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java @@ -130,7 +130,7 @@ public class DOMInjection extends LessonAdapter { List hints = new ArrayList(); hints.add( "This page is using XMLHTTP to comunicate with the server." ); hints.add( "Try to find a way to inject the DOM to enable the Activate button." ); - hints.add( "Intercept the reply and add document.forms[0].SUBMIT.disabled = false;" ); + hints.add( "Intercept the reply and replace the body withx document.forms[0].SUBMIT.disabled = false;" ); return hints; }