diff --git a/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java b/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java
index a014e11fb..0337467b1 100644
--- a/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java
+++ b/webgoat-container/src/main/java/org/owasp/webgoat/service/ReportCardService.java
@@ -32,6 +32,7 @@ import com.google.common.collect.Lists;
import lombok.AllArgsConstructor;
import lombok.Getter;
import lombok.Setter;
+import org.owasp.webgoat.i18n.PluginMessages;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.session.Course;
import org.owasp.webgoat.session.WebSession;
@@ -57,6 +58,7 @@ public class ReportCardService {
private final WebSession webSession;
private final UserTrackerRepository userTrackerRepository;
private final Course course;
+ private final PluginMessages pluginMessages;
/**
* Endpoint which generates the report card for the current use to show the stats on the solved lessons
@@ -74,7 +76,7 @@ public class ReportCardService {
for (AbstractLesson lesson : lessons) {
LessonTracker lessonTracker = userTracker.getLessonTracker(lesson);
LessonStatistics lessonStatistics = new LessonStatistics();
- lessonStatistics.setName(lesson.getTitle());
+ lessonStatistics.setName(pluginMessages.getMessage(lesson.getTitle()));
lessonStatistics.setNumberOfAttempts(lessonTracker.getNumberOfAttempts());
lessonStatistics.setSolved(lessonTracker.isLessonSolved());
reportCard.lessonStatistics.add(lessonStatistics);
diff --git a/webgoat-container/src/main/resources/templates/main_new.html b/webgoat-container/src/main/resources/templates/main_new.html
index dfcfd7f5e..eadb722c3 100644
--- a/webgoat-container/src/main/resources/templates/main_new.html
+++ b/webgoat-container/src/main/resources/templates/main_new.html
@@ -89,10 +89,12 @@
-
+
+
+
diff --git a/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java b/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java
index 9086741ba..e3c03ad17 100644
--- a/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java
+++ b/webgoat-container/src/test/java/org/owasp/webgoat/service/ReportCardServiceTest.java
@@ -6,6 +6,7 @@ import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.Mock;
import org.mockito.runners.MockitoJUnitRunner;
+import org.owasp.webgoat.i18n.PluginMessages;
import org.owasp.webgoat.lessons.AbstractLesson;
import org.owasp.webgoat.session.Course;
import org.owasp.webgoat.session.WebSession;
@@ -40,10 +41,12 @@ public class ReportCardServiceTest {
private UserTrackerRepository userTrackerRepository;
@Mock
private WebSession websession;
+ @Mock
+ private PluginMessages pluginMessages;
@Before
public void setup() {
- this.mockMvc = standaloneSetup(new ReportCardService(websession, userTrackerRepository, course)).build();
+ this.mockMvc = standaloneSetup(new ReportCardService(websession, userTrackerRepository, course, pluginMessages)).build();
}
@Test
diff --git a/webgoat-lessons/client-side-filtering/src/main/java/org/owasp/webgoat/plugin/ClientSideFiltering.java b/webgoat-lessons/client-side-filtering/src/main/java/org/owasp/webgoat/plugin/ClientSideFiltering.java
index 98a7c4172..84596b1ba 100644
--- a/webgoat-lessons/client-side-filtering/src/main/java/org/owasp/webgoat/plugin/ClientSideFiltering.java
+++ b/webgoat-lessons/client-side-filtering/src/main/java/org/owasp/webgoat/plugin/ClientSideFiltering.java
@@ -56,7 +56,7 @@ public class ClientSideFiltering extends NewLesson {
@Override
public String getTitle() {
- return "Client side filtering";
+ return "client.side.filtering.title";
}
@Override
diff --git a/webgoat-lessons/client-side-filtering/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/client-side-filtering/src/main/resources/i18n/WebGoatLabels.properties
index a5a163cad..e9a044325 100644
--- a/webgoat-lessons/client-side-filtering/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/client-side-filtering/src/main/resources/i18n/WebGoatLabels.properties
@@ -1,3 +1,4 @@
+client.side.filtering.title=Client side filtering
ClientSideFilteringSelectUser=Select user:
ClientSideFilteringUserID=User ID
ClientSideFilteringFirstName=First Name
diff --git a/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/CrossSiteScripting.java b/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/CrossSiteScripting.java
index 609fb49cd..c1453a112 100644
--- a/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/CrossSiteScripting.java
+++ b/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/CrossSiteScripting.java
@@ -60,7 +60,7 @@ public class CrossSiteScripting extends NewLesson {
@Override
public String getTitle() {
- return "Cross Site Scripting";
+ return "xss.title";
}
@Override
diff --git a/webgoat-lessons/cross-site-scripting/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/cross-site-scripting/src/main/resources/i18n/WebGoatLabels.properties
index 9d3490287..3f6a96ee2 100644
--- a/webgoat-lessons/cross-site-scripting/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/cross-site-scripting/src/main/resources/i18n/WebGoatLabels.properties
@@ -1,4 +1,5 @@
# XSS success, failure messages and hints
+xss.title=Cross Site Scripting
xss-reflected-5a-success=well done, but alerts aren't very impressive are they? Please continue.
xss-reflected-5a-failure=Try again. We do want to see this specific javascript (in case you are trying to do something more fancy)
xss-reflected-5b-success=Correct ... because
The script was not triggered by the URL/QueryString
Even if you use the attack URL in a new tab, it won't execute (becuase of response type). Try it if you like.
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionAdvanced.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionAdvanced.java
index 3df685705..5313ac86b 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionAdvanced.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/advanced/SqlInjectionAdvanced.java
@@ -53,7 +53,7 @@ public class SqlInjectionAdvanced extends NewLesson {
@Override
public String getTitle() {
- return "SQL Injection (advanced)";
+ return "sql.advanced.title";
}
@Override
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjection.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjection.java
index d5df3c88a..63d7b0041 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjection.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/introduction/SqlInjection.java
@@ -60,7 +60,7 @@ public class SqlInjection extends NewLesson {
@Override
public String getTitle() {
- return "SQL Injection";
+ return "sql.injection.title";
}
@Override
diff --git a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionMitigations.java b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionMitigations.java
index 463c4dfdc..2546bfb7f 100644
--- a/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionMitigations.java
+++ b/webgoat-lessons/sql-injection/src/main/java/org/owasp/webgoat/plugin/mitigation/SqlInjectionMitigations.java
@@ -53,7 +53,7 @@ public class SqlInjectionMitigations extends NewLesson {
@Override
public String getTitle() {
- return "SQL Injection (mitigations)";
+ return "sql.mitigation.title";
}
@Override
diff --git a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
index 8f4c69431..409f69b6f 100644
--- a/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/sql-injection/src/main/resources/i18n/WebGoatLabels.properties
@@ -1,6 +1,12 @@
#StringSqlInjection.java
StringSqlInjectionSecondStage=Now that you have successfully performed an SQL injection, try the same type of attack on a parameterized query. Restart the lesson if you wish to return to the injectable query.
EnterLastName=Enter your last name:
+
+sql.injection.title=SQL Injection
+sql.mitigation.title=SQL Injection (mitigation)
+sql.advanced.title=SQL Injection (advanced)
+
+
NoResultsMatched=No results matched. Try Again.
SqlStringInjectionHint1=The application is taking your input and inserting it at the end of a pre-formed SQL command.
SqlStringInjectionHint2=This is the code for the query being built and issued by WebGoat:
"SELECT * FROM user_data WHERE last_name = "accountName"
diff --git a/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/XXE.java b/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/XXE.java
index 43ebad5ac..b35433e30 100644
--- a/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/XXE.java
+++ b/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/plugin/XXE.java
@@ -58,7 +58,7 @@ public class XXE extends NewLesson {
@Override
public String getTitle() {
- return "XXE";
+ return "xxe.title";
}
@Override
diff --git a/webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties b/webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties
index 877a3774c..5ef01ab9d 100644
--- a/webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties
+++ b/webgoat-lessons/xxe/src/main/resources/i18n/WebGoatLabels.properties
@@ -22,6 +22,7 @@
# projects.
#
#
+xxe.title=XXE
xxe.simple.output=Welcome {0} you can now login to our website
xxe.content.type.feedback.json=You are posting JSON which does not work with a XXE
xxe.content.type.feedback.xml=You are posting XML but there is no XXE attack performed