dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Password reset link test condition more strict and move all WebWolf links to /WebWolf (#1645)

Browse Source 
* better check on host and port for password reset and make context roots more flexible

* spotless applied

* removed hardcoded /WebGoat from js

* removed hardcoded /WebGoat from js

* fix spotless

* fix scoreboard

* upgrade WebWolf bootstrap version and icons and templates - part 1

* fixed more bootstrap 5 style issues and context path issues

* organized WebSecurityConfig based on latest conventions and added basic support for oauth (more work needed)

* spotless applied

* added mock bean

* requires updates to properties - commented for now

* requires updates to properties - commented for now

* oauth secrets through env values

* user creation after oauth login

* integration test against non default context paths

* adjusted StartupMessage

* add global model element username

* conditionally show login oauth links

* fixed WebWolf login

---------

Co-authored-by: René Zubcevic <rene@Mac-mini-van-Rene.local>
This commit is contained in:
René Zubcevic
2023-11-14 10:01:59 +01:00
committed by GitHub
parent 5a4974f3c2
commit d1e44bbc98
114 changed files with 2763 additions and 546 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/resources/lessons/xss/i18n/WebGoatLabels.properties
View File

@ -17,7 +17,7 @@ xss-reflected-6a-failure=Sorry that is not correct. Look at the example again to
xss-reflected-6a-hint-1=To search through the client side code, use the developer tools of your browser. (If you don't know how to use them, check the <i>Developer Tools</i> Lesson in the general category.)
xss-reflected-6a-hint-2=Since you are looking for application code, check the WebGoat/js/goatApp folder for a file that could handle the routes.
xss-reflected-6a-hint-3=Make sure you add the base route at the start, when submitting your solution.
xss-reflected-6a-hint-4=Still did not find it? Check the <a href="/WebGoat/js/goatApp/view/GoatRouter.js" target="_blank">GoatRouter.js</a> file. It should be pretty easy to determine.
xss-reflected-6a-hint-4=Still did not find it? Check the <a href="js/goatApp/view/GoatRouter.js" target="_blank">GoatRouter.js</a> file. It should be pretty easy to determine.
xss.lesson1.failure=The cookies should be the same on both tabs. Ensure that the tabs are from the same site.
xss-dom-message-success=Correct, I hope you did not cheat, using the console!
xss-dom-message-failure=Incorrect, keep trying. It should be obvious in the log when you are successful.