Merge remote-tracking branch 'upstream/master'

This commit is contained in:
Jason White
2015-10-24 09:12:02 -05:00
4 changed files with 20 additions and 25 deletions
.travis.yml
webgoat-container/src/main
java
org
owasp
webgoat
webapp
WEB-INF
js

@ -14,11 +14,13 @@ before_deploy:
- export WEBGOAT_JAR_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION.jar - export WEBGOAT_JAR_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION.jar
- export WEBGOAT_JAR_EXEC_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION-war-exec.jar - export WEBGOAT_JAR_EXEC_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION-war-exec.jar
- export WEBGOAT_WAR_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION.war - export WEBGOAT_WAR_FILE=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target/webgoat-container-$WEBGOAT_ARTIFACT_VERSION.war
- export WEBGOAT_CONTAINTER_TARGET_DIR=$HOME/build/$TRAVIS_REPO_SLUG/webgoat-container/target
- export WEBGOAT_ARTIFACTS_FOLDER=$HOME/build/$TRAVIS_REPO_SLUG/Deployable_Artifacts/ - export WEBGOAT_ARTIFACTS_FOLDER=$HOME/build/$TRAVIS_REPO_SLUG/Deployable_Artifacts/
- mkdir $WEBGOAT_ARTIFACTS_FOLDER - mkdir $WEBGOAT_ARTIFACTS_FOLDER
- mv $WEBGOAT_JAR_EXEC_FILE $WEBGOAT_ARTIFACTS_FOLDER - cp -fa $WEBGOAT_JAR_EXEC_FILE $WEBGOAT_ARTIFACTS_FOLDER
- mv $WEBGOAT_JAR_FILE $WEBGOAT_ARTIFACTS_FOLDER - cp -fa $WEBGOAT_JAR_FILE $WEBGOAT_ARTIFACTS_FOLDER
- mv $WEBGOAT_WAR_FILE $WEBGOAT_ARTIFACTS_FOLDER - cp -fa $WEBGOAT_WAR_FILE $WEBGOAT_ARTIFACTS_FOLDER
- cp -fa $WEBGOAT_CONTAINTER_TARGET_DIR/* $WEBGOAT_ARTIFACTS_FOLDER
- echo "Contents of artifcts folder:" - echo "Contents of artifcts folder:"
- ls $WEBGOAT_ARTIFACTS_FOLDER - ls $WEBGOAT_ARTIFACTS_FOLDER
deploy: deploy:
@ -39,8 +41,6 @@ notifications:
secure: S9VFew5NSE8WDzYD1VDBUULKKT0fzgblQACznwQ85699b2yeX9TX58N3RZvRS1JVagVP1wu2xOrwN2g+AWx4Ro3UBZD5XG86uTJWpCLD4cRWHBoGMH2TfvI7/IzsWmgxH4MBxFRvZr/eEhlVAux+N9H4EoEdS4CKsJXEqV37PlA= secure: S9VFew5NSE8WDzYD1VDBUULKKT0fzgblQACznwQ85699b2yeX9TX58N3RZvRS1JVagVP1wu2xOrwN2g+AWx4Ro3UBZD5XG86uTJWpCLD4cRWHBoGMH2TfvI7/IzsWmgxH4MBxFRvZr/eEhlVAux+N9H4EoEdS4CKsJXEqV37PlA=
env: env:
global: global:
# The next declaration is the encrypted COVERITY_SCAN_TOKEN, created
# via the "travis encrypt" command using the project repo's public key
- secure: "ZLZKz6lGt8YZ+NhkZPBAlI235+lEmu37Tcf+yTwh5yXuHAlnvvF6hPui7rANA/stbYGOIqIdhGOXbdrwyTU4Pvg78VwJOwsa9RtHJfou3pg4Ud9i0/dEeVl8aakmg2HDaWYGcFox8X1ViVc5UWjuBLztfJKQUEx0buJoWdMSf2E=" - secure: "ZLZKz6lGt8YZ+NhkZPBAlI235+lEmu37Tcf+yTwh5yXuHAlnvvF6hPui7rANA/stbYGOIqIdhGOXbdrwyTU4Pvg78VwJOwsa9RtHJfou3pg4Ud9i0/dEeVl8aakmg2HDaWYGcFox8X1ViVc5UWjuBLztfJKQUEx0buJoWdMSf2E="
addons: addons:
sauce_connect: true sauce_connect: true

@ -13,7 +13,6 @@ import java.net.URL;
import java.nio.file.FileVisitResult; import java.nio.file.FileVisitResult;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.SimpleFileVisitor; import java.nio.file.SimpleFileVisitor;
import java.nio.file.attribute.BasicFileAttributes; import java.nio.file.attribute.BasicFileAttributes;
import java.util.List; import java.util.List;
@ -56,13 +55,9 @@ public class PluginsLoader {
if (!alreadyLoaded) { if (!alreadyLoaded) {
WebappClassLoader cl = (WebappClassLoader) Thread.currentThread().getContextClassLoader(); WebappClassLoader cl = (WebappClassLoader) Thread.currentThread().getContextClassLoader();
cl.setAntiJARLocking(true); cl.setAntiJARLocking(true);
List<URL> jars = listJars(); List<URL> jars = listJars();
Path webInfLib = pluginTarget.getParent().resolve(cl.getJarPath().replaceFirst("\\/", ""));
for (URL jar : jars) { for (URL jar : jars) {
Path sourceJarFile = Paths.get(jar.toURI()); cl.addRepository(jar.toString());
FileUtils.copyFileToDirectory(sourceJarFile.toFile(), webInfLib.toFile());
} }
alreadyLoaded = true; alreadyLoaded = true;
} }

@ -26,19 +26,19 @@
parameters, including zero. parameters, including zero.
--> -->
<context-param> <context-param>
<param-name>email</param-name>
<param-value>webgoat@owasp.org</param-value>
<description> <description>
The EMAIL address of the administrator to whom questions The EMAIL address of the administrator to whom questions
and comments about this application should be addressed. and comments about this application should be addressed.
</description> </description>
<param-name>email</param-name>
<param-value>webgoat@owasp.org</param-value>
</context-param> </context-param>
<context-param> <context-param>
<param-name>emaillist</param-name>
<param-value>owasp-webgoat@lists.owasp.org</param-value>
<description> <description>
The EMAIL address of the webgoat email list The EMAIL address of the webgoat email list
</description> </description>
<param-name>emaillist</param-name>
<param-value>owasp-webgoat@lists.owasp.org</param-value>
</context-param> </context-param>
<!-- spring MVC --> <!-- spring MVC -->
<context-param> <context-param>
@ -73,23 +73,23 @@
You can define any number of servlets, including zero. You can define any number of servlets, including zero.
--> -->
<servlet> <servlet>
<servlet-name>AxisServlet</servlet-name>
<display-name>Apache-Axis Servlet</display-name> <display-name>Apache-Axis Servlet</display-name>
<servlet-name>AxisServlet</servlet-name>
<servlet-class> <servlet-class>
org.apache.axis.transport.http.AxisServlet org.apache.axis.transport.http.AxisServlet
</servlet-class> </servlet-class>
</servlet> </servlet>
<servlet> <servlet>
<servlet-name>AdminServlet</servlet-name>
<display-name>Axis Admin Servlet</display-name> <display-name>Axis Admin Servlet</display-name>
<servlet-name>AdminServlet</servlet-name>
<servlet-class> <servlet-class>
org.apache.axis.transport.http.AdminServlet org.apache.axis.transport.http.AdminServlet
</servlet-class> </servlet-class>
<load-on-startup>100</load-on-startup> <load-on-startup>100</load-on-startup>
</servlet> </servlet>
<servlet> <servlet>
<servlet-name>SOAPMonitorService</servlet-name>
<display-name>SOAPMonitorService</display-name> <display-name>SOAPMonitorService</display-name>
<servlet-name>SOAPMonitorService</servlet-name>
<servlet-class> <servlet-class>
org.apache.axis.monitor.SOAPMonitorService org.apache.axis.monitor.SOAPMonitorService
</servlet-class> </servlet-class>
@ -100,7 +100,6 @@
<load-on-startup>100</load-on-startup> <load-on-startup>100</load-on-startup>
</servlet> </servlet>
<servlet> <servlet>
<servlet-name>WebGoat</servlet-name>
<description> <description>
This servlet plays the "controller" role in the MVC architecture This servlet plays the "controller" role in the MVC architecture
used in this application. used in this application.
@ -110,13 +109,14 @@
filename extension is removed). The corresponding value is the filename extension is removed). The corresponding value is the
name of the action class that will be used to process this request. name of the action class that will be used to process this request.
</description> </description>
<servlet-name>WebGoat</servlet-name>
<servlet-class>org.owasp.webgoat.HammerHead</servlet-class> <servlet-class>org.owasp.webgoat.HammerHead</servlet-class>
<init-param> <init-param>
<param-name>email</param-name>
<param-value>WebGoat@owasp.org</param-value>
<description>The EMAIL address of the administrator to whom questions <description>The EMAIL address of the administrator to whom questions
and comments about this application should be addressed. and comments about this application should be addressed.
</description> </description>
<param-name>email</param-name>
<param-value>WebGoat@owasp.org</param-value>
</init-param> </init-param>
<init-param> <init-param>
<param-name>debug</param-name> <param-name>debug</param-name>
@ -172,17 +172,17 @@
<load-on-startup>5</load-on-startup> <load-on-startup>5</load-on-startup>
</servlet> </servlet>
<servlet> <servlet>
<servlet-name>LessonSource</servlet-name>
<description> <description>
This servlet returns the Java source of the current lesson. This servlet returns the Java source of the current lesson.
</description> </description>
<servlet-name>LessonSource</servlet-name>
<servlet-class>org.owasp.webgoat.LessonSource</servlet-class> <servlet-class>org.owasp.webgoat.LessonSource</servlet-class>
</servlet> </servlet>
<servlet> <servlet>
<servlet-name>Catcher</servlet-name>
<description> <description>
This servlet catches any posts and marks the appropriate lesson property. This servlet catches any posts and marks the appropriate lesson property.
</description> </description>
<servlet-name>Catcher</servlet-name>
<servlet-class>org.owasp.webgoat.Catcher</servlet-class> <servlet-class>org.owasp.webgoat.Catcher</servlet-class>
</servlet> </servlet>
<servlet> <servlet>

@ -35,7 +35,7 @@ function($,
showAboutModal: function() { showAboutModal: function() {
$('#about-modal').show(400); $('#about-modal').show(400);
$('#about-modal div.modal-header button.close').unbind('click').on('click', function() { $('#about-modal div.modal-header button.close, #about-modal div.modal-footer button').unbind('click').on('click', function() {
$('#about-modal').hide(200); $('#about-modal').hide(200);
}); });
} }