diff --git a/webgoat/main/Eclipse-Workspace.zip b/webgoat/main/Eclipse-Workspace.zip index 8205dca87..e5a6adda4 100644 Binary files a/webgoat/main/Eclipse-Workspace.zip and b/webgoat/main/Eclipse-Workspace.zip differ diff --git a/webgoat/main/eclipse.bat b/webgoat/main/eclipse.bat index 876f5f7c3..ab43f23cf 100644 --- a/webgoat/main/eclipse.bat +++ b/webgoat/main/eclipse.bat @@ -1,11 +1,11 @@ ECHO OFF -IF NOT EXIST workspace GOTO UNPACK +IF NOT EXIST WebGoat_5_2_workspace GOTO UNPACK set JAVAHOME=java set PATH=%JAVAHOME%\bin;%PATH% set ECLIPSE_HOME=eclipse SET JAVA_OPTS=%JAVA_OPTS% -Xms128m -Xmx768m -%ECLIPSE_HOME%\eclipse.exe -data .\workspace +%ECLIPSE_HOME%\eclipse.exe -data .\WebGoat_5_2_workspace GOTO END :UNPACK diff --git a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java index ae6ac7729..6b0c337f4 100644 --- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java +++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java @@ -3,7 +3,6 @@ package org.owasp.webgoat.lessons; import java.io.BufferedReader; import java.io.FileReader; -import java.io.IOException; import java.io.InputStreamReader; import java.io.StringReader; import java.net.HttpURLConnection; @@ -12,6 +11,7 @@ import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; import java.util.List; + import org.apache.ecs.Element; import org.apache.ecs.ElementContainer; import org.apache.ecs.StringElement; @@ -531,7 +531,7 @@ public abstract class AbstractLesson extends Screen implements Comparable"); } - Html html = new Html(); - - Head head = new Head(); - head.addElement(new Title(getLessonSolutionFileName())); - - Body body = new Body(); - body.addElement(new StringElement(src)); - - html.addElement(head); - html.addElement(body); - + // Solutions are html files return src; } diff --git a/webgoat/main/project/WebContent/css/webgoat.css b/webgoat/main/project/WebContent/css/webgoat.css index 25d7eeaf9..b2fe1f547 100644 --- a/webgoat/main/project/WebContent/css/webgoat.css +++ b/webgoat/main/project/WebContent/css/webgoat.css @@ -218,9 +218,24 @@ html>body #navBar li {} #reset { text-align: right; font-weight: bold; + float: right; + display: inline; margin-bottom: 10px; } +#training { + text-align: left; + font-weight: bold; + display: inline; + float: left; + margin-bottom: 10px; + +} + +#training_wrap { + width: 540px; +} + #hint{} #parameter{} #cookie{} diff --git a/webgoat/main/project/WebContent/main.jsp b/webgoat/main/project/WebContent/main.jsp index bc245e4a8..55cc9dcfc 100644 --- a/webgoat/main/project/WebContent/main.jsp +++ b/webgoat/main/project/WebContent/main.jsp @@ -177,7 +177,10 @@ StringBuffer buildList = new StringBuffer(); if (currentLesson != null) { %> +
+ +
<% } diff --git a/webgoat/main/readme.txt b/webgoat/main/readme.txt index 253ee6a44..dcd4cea0b 100644 --- a/webgoat/main/readme.txt +++ b/webgoat/main/readme.txt @@ -1,5 +1,5 @@ -********** WebGoat 5.1 -********** Jan/08/2008 +********** WebGoat 5.2 +********** July/08/2008 ********** ** ** Source Code: http://code.google.com/p/webgoat @@ -37,7 +37,9 @@ CREDITS (Latest release) Bruce Mayhew (http://www.ouncelabs.com) Rogan Dawes (http://dawes.za.net/rogan) - Eric Sheridan (http://www.aspectsecurity.com) + Reto Lippuner + Marcel Wirth + Aung Khant (http://yehg.org) Erwin Geirnaert (http://www.zionsecurity.com) The many people who have sent comments and suggestions... @@ -45,9 +47,12 @@ CREDITS (Latest release) WHAT'S NEW * WebGoat is now current at Google code. (http://code.google.com/p/webgoat) - * Database Lessons - * XSS Phishing - * Lesson Solutions + * Introduction and WebGoat instructions + * Multi Level Login Lesson + * Session Fixation Lesson + * Insecure Login Lesson + * Lesson Solution Videos + * Bug Report Feature * Many upgrades and minor fixes