dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor Cleanup of imports and user guide url

Browse Source 
git-svn-id: http://webgoat.googlecode.com/svn/trunk@105 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
mayhew64 2007-01-30 23:36:21 +00:00
parent 0ab3ad8293
commit ca46354077
26 changed files with 33 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/BackDoors.java
View File

@ -3,20 +3,18 @@ package org.owasp.webgoat.lessons;
import java.sql.Connection; import java.sql.Connection;
import java.sql.ResultSet; import java.sql.ResultSet;
import java.sql.SQLException; import java.sql.SQLException;
import java.sql.Statement;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.sql.Statement;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.H2;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.Span;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.IMG;
import org.apache.ecs.html.Input;
import org.apache.ecs.html.PRE;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR; import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table; import org.apache.ecs.html.Table;

1
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java
View File

@ -10,7 +10,6 @@ import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement; import org.apache.ecs.StringElement;
import org.apache.ecs.html.A;
import org.apache.ecs.html.B; import org.apache.ecs.html.B;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.HR; import org.apache.ecs.html.HR;

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/LessonAdapter.java
View File

@ -79,7 +79,7 @@ public abstract class LessonAdapter extends AbstractLesson
.addElement(new StringElement( .addElement(new StringElement(
"Lesson are simple to create and very little coding is required.   " "Lesson are simple to create and very little coding is required.   "
+ "In fact, most lessons can be created by following the easy to use instructions in the " + "In fact, most lessons can be created by following the easy to use instructions in the "
+ "<A HREF=http://prdownloads.sourceforge.net/owasp/WebGoatVersion2UserGuide.pdf?download>WebGoat User Guide.</A>&nbsp;&nbsp;" + "<A HREF=http://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents>WebGoat User Guide.</A>&nbsp;&nbsp;"
+ "If you would prefer, send your lesson ideas to " + "If you would prefer, send your lesson ideas to "
+ s.getFeedbackAddress())); + s.getFeedbackAddress()));

2
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/NewLesson.java
View File

@ -67,7 +67,7 @@ public class NewLesson extends LessonAdapter
return GENERAL; return GENERAL;
} }
private final static Integer DEFAULT_RANKING = new Integer(5); private final static Integer DEFAULT_RANKING = new Integer(85);
protected Integer getDefaultRanking() protected Integer getDefaultRanking()

10
webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java
View File

@ -2,14 +2,14 @@ package org.owasp.webgoat.lessons;
import java.io.PrintWriter; import java.io.PrintWriter;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Hashtable;
import java.util.List;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.List;
import org.apache.ecs.Element; import org.apache.ecs.Element;
import org.apache.ecs.ElementContainer; import org.apache.ecs.ElementContainer;
import org.apache.ecs.StringElement;
import org.apache.ecs.html.BR; import org.apache.ecs.html.BR;
import org.apache.ecs.html.Div;
import org.apache.ecs.html.Form; import org.apache.ecs.html.Form;
import org.apache.ecs.html.H1; import org.apache.ecs.html.H1;
import org.apache.ecs.html.H3; import org.apache.ecs.html.H3;
@ -18,10 +18,6 @@ import org.apache.ecs.html.Input;
import org.apache.ecs.html.TD; import org.apache.ecs.html.TD;
import org.apache.ecs.html.TR; import org.apache.ecs.html.TR;
import org.apache.ecs.html.Table; import org.apache.ecs.html.Table;
import org.apache.ecs.html.Div;
import org.apache.ecs.vxml.Initial;
import org.apache.ecs.StringElement;
import org.owasp.webgoat.session.WebSession; import org.owasp.webgoat.session.WebSession;
/******************************************************************************* /*******************************************************************************

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/CrossSiteScripting.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %> errorPage="" %>
<style> <style>
<jsp:include page="CrossSiteScripting.css" /> <jsp:include page="CrossSiteScripting.css" />

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %> errorPage="" %>
<div id="lesson_login"> <div id="lesson_login">
<div id="lesson_login_txt"> <div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting"
errorPage="" %> errorPage="" %>
<div id="lesson_search"> <div id="lesson_search">
<% <%

4
webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp
View File

@ -2,7 +2,7 @@
STAGE 4 FIXES Look for the <-- STAGE 4 - FIX STAGE 4 FIXES Look for the <-- STAGE 4 - FIX
--> -->
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.*" errorPage="" %> import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.CrossSiteScripting.CrossSiteScripting" errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));
Employee employee = (Employee) session.getAttribute("CrossSiteScripting." + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY); Employee employee = (Employee) session.getAttribute("CrossSiteScripting." + CrossSiteScripting.EMPLOYEE_ATTRIBUTE_KEY);
@ -136,7 +136,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
%> %>
</td> </td>
<td width="60"> <td width="60">
<% <%
if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION)) if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION))
{ {
%> %>

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<div id="lesson_login"> <div id="lesson_login">
<div id="lesson_login_txt"> <div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/RoleBasedAccessControl.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<style> <style>
<jsp:include page="RoleBasedAccessControl.css" /> <jsp:include page="RoleBasedAccessControl.css" />

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<div id="lesson_search"> <div id="lesson_search">
<% <%

2
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<% <%
Employee employee = (Employee) session.getAttribute("RoleBasedAccessControl." + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY); Employee employee = (Employee) session.getAttribute("RoleBasedAccessControl." + RoleBasedAccessControl.EMPLOYEE_ATTRIBUTE_KEY);

4
webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.RoleBasedAccessControl.RoleBasedAccessControl"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));
@ -9,5 +9,5 @@
<br><br><br> <br><br><br>
<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>"> <form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
<input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGIN_ACTION%>"/> <input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGIN_ACTION%>"/>
</form> </form>

2
webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="java.util.*, org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<div id="lesson_login"> <div id="lesson_login">
<div id="lesson_login_txt"> <div id="lesson_login_txt">

2
webgoat/main/project/WebContent/lessons/SQLInjection/SQLInjection.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<style> <style>
<jsp:include page="SQLInjection.css" /> <jsp:include page="SQLInjection.css" />

2
webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<div id="lesson_search"> <div id="lesson_search">
<% <%

2
webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.SQLInjection.SQLInjection"
errorPage="" %> errorPage="" %>
<% <%
WebSession webSession = ((WebSession)session.getAttribute("websession")); WebSession webSession = ((WebSession)session.getAttribute("websession"));

2
webgoat/main/project/WebContent/main.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.*, java.util.*" import="org.owasp.webgoat.session.*, org.owasp.webgoat.lessons.Category, org.owasp.webgoat.lessons.AbstractLesson, java.util.*"
errorPage="" %> errorPage="" %>
<% <%
Course course = ((Course)session.getAttribute("course")); Course course = ((Course)session.getAttribute("course"));

2
webgoat/main/project/WebContent/sideWindow.jsp
View File

@ -1,5 +1,5 @@
<%@ page contentType="text/html; charset=ISO-8859-1" language="java" <%@ page contentType="text/html; charset=ISO-8859-1" language="java"
import="org.owasp.webgoat.session.*" import="org.owasp.webgoat.session.WebSession"
errorPage="" %> errorPage="" %>
<% <%