Actually, I think the problem was happening because the lesson was returning the lesson HTML again incase of incorrect key to eval was throwing an error trying to evaluate a whole bunch of HTML. Fixed this by catching the exception and showing an appropriate message.

git-svn-id: http://webgoat.googlecode.com/svn/trunk@354 4033779f-a91e-0410-96ef-6bf7bf53c507
2008-07-12 05:56:41 +00:00 · 2008-07-12 05:56:41 +00:00 · c8908f6911
commit c8908f6911
parent fbf2a079c8
1 changed files with 46 additions and 15 deletions
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java
@ -8,6 +8,8 @@ import org.apache.ecs.Element;
 import org.apache.ecs.ElementContainer;
 import org.apache.ecs.StringElement;
 import org.apache.ecs.html.BR;
+import org.apache.ecs.html.Div;
+import org.apache.ecs.html.Form;
 import org.apache.ecs.html.H1;
 import org.apache.ecs.html.IMG;
 import org.apache.ecs.html.Input;
@ -58,12 +60,10 @@ public class DOMInjection extends LessonAdapter
 	private final static IMG MAC_LOGO = new IMG("images/logos/macadamian.gif").setAlt("Macadamian Technologies")
 			.setBorder(0).setHspace(0).setVspace(0);

-	protected Element createContent(WebSession s)
+	private final static String key = "K1JFWP8BSO8HI52LNPQS8F5L01N";
+	
+	public void handleRequest(WebSession s)
 	{
-
-		String key = "K1JFWP8BSO8HI52LNPQS8F5L01N";
-		ElementContainer ec = new ElementContainer();
-
 		try
 		{	
 			String userKey = s.getParser().getRawParameter(KEY, "");
@ -73,23 +73,39 @@ public class DOMInjection extends LessonAdapter
 				s.getResponse().setContentType("text/html");
 				s.getResponse().setHeader("Cache-Control", "no-cache");
 				PrintWriter out = new PrintWriter(s.getResponse().getOutputStream());
+
+
 				out.print("document.forms[0].SUBMIT.disabled = false;");
 				out.flush();
 				out.close();
-				return ec;
+				return ;
 			}
+
+		} catch (Exception e)
+		{
+			e.printStackTrace();
+		}
+		Form form = new Form(getFormAction(), Form.POST).setName("form").setEncType("");
+
+		form.addElement(createContent(s));
+
+		setContent(form);
+	}
+	protected Element createContent(WebSession s)
+	{
+
+
+		ElementContainer ec = new ElementContainer();
+
 		if (s.getRequest().getMethod().equalsIgnoreCase("POST") )
 		{
 			makeSuccess(s);
 		}
-		} catch (Exception e)
-		{
-			s.setMessage("Error generating " + this.getClass().getName());
-			e.printStackTrace();
-		}

 		String lineSep = System.getProperty("line.separator");
-		String script = "<script>" + lineSep + "function validate() {" + lineSep
+		String script = "<script>" + lineSep
+				+ "function validate() {" 
+				+ lineSep
 				+ "var keyField = document.getElementById('key');" + lineSep + "var url = '" + getLink()
 				+ "&from=ajax&key=' + encodeURIComponent(keyField.value);" + lineSep
 				+ "if (typeof XMLHttpRequest != 'undefined') {" + lineSep + "req = new XMLHttpRequest();" + lineSep
@ -97,8 +113,18 @@ public class DOMInjection extends LessonAdapter
 				+ lineSep + "   }" + lineSep + "   req.open('GET', url, true);" + lineSep
 				+ "   req.onreadystatechange = callback;" + lineSep + "   req.send(null);" + lineSep + "}" + lineSep
 				+ "function callback() {" + lineSep + "    if (req.readyState == 4) { " + lineSep
-				+ "        if (req.status == 200) { " + lineSep + "            var message = req.responseText;"
-				+ lineSep + "			 eval(message);" + lineSep + "        }}}" + lineSep + "</script>" + lineSep;
+				+ "        if (req.status == 200) { " + lineSep + "            var message = req.responseText;" + lineSep
+				+ "   var result = req.responseXML.getElementsByTagName('reward');" + lineSep
+				+ "    var messageDiv = document.getElementById('MessageDiv');" + lineSep
+				+ "  try {" + lineSep
+				+ "			 eval(message);" + lineSep + "    " + lineSep
+				+ "        messageDiv.innerHTML = 'Correct licence Key.' " + lineSep
+				+ "      }" + lineSep
+				+ "  catch(err)" + lineSep
+				+ "  { " + lineSep
+				+ "    messageDiv.innerHTML = 'Wrong license key.'" + lineSep
+				+		"} " + lineSep
+				+ "    }}}" + lineSep + "</script>" + lineSep;

 		ec.addElement(new StringElement(script));
 		ec.addElement(new BR().addElement(new H1().addElement("Welcome to WebGoat Registration Page:")));
@ -121,6 +147,7 @@ public class DOMInjection extends LessonAdapter

 		t1.addElement(tr);

+
 		tr = new TR();
 		Input b = new Input();
 		b.setType(Input.SUBMIT);
@ -132,6 +159,10 @@ public class DOMInjection extends LessonAdapter

 		t1.addElement(tr);
 		ec.addElement(t1);
+		Div div = new Div();
+		div.addAttribute("name", "MessageDiv");
+		div.addAttribute("id", "MessageDiv");
+		ec.addElement(div);

 		return ec;
 	}