dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor Cleanup of imports and user guide url

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@105 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64 2007-01-30 23:36:21 +00:00
parent 0ab3ad8293
commit ca46354077
26 changed files with 33 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BackDoors.java
View File

@ -3,20 +3,18 @@ package org.owasp.webgoat.lessons;
import java.sql.Connection;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList;
import java.util.List;
import java.sql.Statement;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.H2;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.Span;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java
View File

@ -10,7 +10,6 @@ import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR;

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/LessonAdapter.java
View File

@ -79,7 +79,7 @@ public abstract class LessonAdapter extends AbstractLesson
.addElement(new StringElement(
"Lesson are simple to create and very little coding is required.   "
+ "In fact, most lessons can be created by following the easy to use instructions in the "
+ "<A HREF=http://prdownloads.sourceforge.net/owasp/WebGoatVersion2UserGuide.pdf?download>WebGoat User Guide.</A>&nbsp;&nbsp;"
+ "<A HREF=http://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents>WebGoat User Guide.</A>&nbsp;&nbsp;"
+ "If you would prefer, send your lesson ideas to "
+ s.getFeedbackAddress()));

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/NewLesson.java
View File

@ -67,7 +67,7 @@ public class NewLesson extends LessonAdapter
return GENERAL;
}
private final static Integer DEFAULT_RANKING = new Integer(5);
private final static Integer DEFAULT_RANKING = new Integer(85);
protected Integer getDefaultRanking()

10
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java
View File

@ -2,14 +2,14 @@ package org.owasp.webgoat.lessons;
import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.HashMap;
import java.util.Map;
import java.util.List;
import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1;
import org.apache.ecs.html.H3;
@ -18,10 +18,6 @@ import org.apache.ecs.html.Input;
import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table;
import org.apache.ecs.html.Div;
import org.apache.ecs.vxml.Initial;
import org.apache.ecs.StringElement;
import org.owasp.webgoat.session.WebSession;
/*******************************************************************************

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/CrossSiteScripting.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %>
<style>
<jsp:include page="CrossSiteScripting.css" />

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %>
<div id="lesson_login">
<div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %>
<div id="lesson_search">
<%

4
webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp
View File

@ -2,7 +2,7 @@
STAGE 4 FIXES Look for the <-- STAGE 4 - FIX
-->
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" errorPage="" %>
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting" errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));
Employee employee = (Employee) session.getAttribute("CrossSiteScripting." + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);
@ -136,7 +136,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
%>
</td>
<td width="60">
<%
<%
if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION))
{
%>

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<div id="lesson_login">
<div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/RoleBasedAccessControl.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<style>
<jsp:include page="RoleBasedAccessControl.css" />

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<div id="lesson_search">
<%

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<%
Employee employee = (Employee) session.getAttribute("RoleBasedAccessControl." + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY);

4
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));
@ -9,5 +9,5 @@
<br><br><br>
<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
<input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGIN_ACTION%>"/>
<input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGIN_ACTION%>"/>
</form>

2
webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<div id="lesson_login">
<div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/SQLInjection/SQLInjection.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<style>
<jsp:include page="SQLInjection.css" />

2
webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<div id="lesson_search">
<%

2
webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %>
<%
WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/main.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.*, java.util.*"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.Category, org.owasp.webgoat.lessons.AbstractLesson, java.util.*"
errorPage="" %>
<%
Course course = ((Course)session.getAttribute("course"));

2
webgoat/main/project/WebContent/sideWindow.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*"
import="org.owasp.webgoat.session.WebSession"
errorPage="" %>
<%