Make it possible to return per-stage hints
git-svn-id: http://webgoat.googlecode.com/svn/trunk@144 4033779f-a91e-0410-96ef-6bf7bf53c507
This commit is contained in:
rogan.dawes
parent
d39975c299
commit
e6fcd4176c
@ -353,27 +353,29 @@ public abstract class AbstractLesson extends Screen implements Comparable
|
||||
|
||||
/**
|
||||
* Gets the hintCount attribute of the Lesson object
|
||||
* @param s The user's WebSession
|
||||
*
|
||||
* @return The hintCount value
|
||||
*/
|
||||
public int getHintCount()
|
||||
public int getHintCount(WebSession s)
|
||||
{
|
||||
return getHints().size();
|
||||
return getHints(s).size();
|
||||
}
|
||||
|
||||
|
||||
protected abstract List getHints();
|
||||
protected abstract List<String> getHints(WebSession s);
|
||||
|
||||
|
||||
/**
|
||||
* Fill in a minor hint that will help people who basically get it, but
|
||||
* are stuck on somthing silly.
|
||||
* @param s The users WebSession
|
||||
*
|
||||
* @return The hint1 value
|
||||
*/
|
||||
public String getHint(int hintNumber)
|
||||
public String getHint(WebSession s, int hintNumber)
|
||||
{
|
||||
return (String) getHints().get(hintNumber);
|
||||
return getHints(s).get(hintNumber);
|
||||
}
|
||||
|
||||
|
||||
@ -409,7 +411,7 @@ public abstract class AbstractLesson extends Screen implements Comparable
|
||||
* Gets the content of lessonPlanURL
|
||||
*
|
||||
* @param s
|
||||
* TODO
|
||||
* The user's WebSession
|
||||
*
|
||||
* @return The HTML content of the current lesson plan
|
||||
*/
|
||||
|
||||
@ -135,7 +135,7 @@ public class AccessControlMatrix extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Many sites attempt to restrict access to resources by role.");
|
||||
|
||||
@ -264,7 +264,7 @@ public class BackDoors extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Your user id is 101. Use it to see your information");
|
||||
|
||||
@ -272,7 +272,7 @@ public class BasicAuthentication extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
// int stage = getLessonTracker(session, BASIC).getStage();
|
||||
|
||||
@ -198,7 +198,7 @@ public class BlindSqlInjection extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
if (runningOnWindows())
|
||||
|
||||
@ -73,7 +73,7 @@ public class BufferOverflow extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Lesson Hint 1");
|
||||
|
||||
@ -292,7 +292,7 @@ public class CSRF extends LessonAdapter {
|
||||
}
|
||||
|
||||
@Override
|
||||
protected List getHints() {
|
||||
protected List<String> getHints(WebSession s) {
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add( "Enter some text and try to include an image in there." );
|
||||
hints.add( "In order to make the picture almost invisible try to add width=\"1\" and height=\"1\"." );
|
||||
|
||||
@ -504,7 +504,7 @@ public class Challenge2Screen extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints(WebSession s)
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
//<START_OMIT_SOURCE>
|
||||
|
||||
|
||||
@ -333,7 +333,7 @@ public class CommandInjection extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -207,7 +207,7 @@ public class CrossSiteScripting extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
|
||||
@ -173,7 +173,7 @@ public class DOMInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
@ -199,7 +199,7 @@ public class DOS_Login extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Use a SQL Injection to obtain the user names. ");
|
||||
|
||||
@ -575,7 +575,7 @@ public class Encoding extends LessonAdapter
|
||||
* @return The hints value
|
||||
*/
|
||||
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
@ -142,7 +142,7 @@ public class FailOpenAuthentication extends WeakAuthenticationCookie
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("You can force errors during the authentication process.");
|
||||
|
||||
@ -116,7 +116,7 @@ public class ForcedBrowsing extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Try to guess the URL for the config page");
|
||||
|
||||
@ -299,7 +299,7 @@ public class ForgotPassword extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
|
||||
@ -185,7 +185,7 @@ public class HiddenFieldTampering extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -198,7 +198,7 @@ public class HtmlClues extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -93,7 +93,7 @@ public class HttpBasics extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Type in your name and press 'go'");
|
||||
|
||||
@ -158,7 +158,7 @@ public class HttpOnly extends LessonAdapter {
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add( "Read the directions and try out the buttons." );
|
||||
|
||||
@ -246,7 +246,7 @@ public class HttpSplitting extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
@ -284,7 +284,7 @@ public class JSONInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("JSON stands for JavaScript Object Notation.");
|
||||
|
||||
@ -279,7 +279,7 @@ public class JavaScriptValidation extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
|
||||
@ -223,9 +223,9 @@ public abstract class LessonAdapter extends AbstractLesson
|
||||
*
|
||||
* @return The hintCount value
|
||||
*/
|
||||
public int getHintCount()
|
||||
public int getHintCount(WebSession s)
|
||||
{
|
||||
return getHints().size();
|
||||
return getHints(s).size();
|
||||
}
|
||||
|
||||
|
||||
@ -236,7 +236,7 @@ public abstract class LessonAdapter extends AbstractLesson
|
||||
*
|
||||
* @return The hint1 value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("There are no hints defined.");
|
||||
@ -245,9 +245,9 @@ public abstract class LessonAdapter extends AbstractLesson
|
||||
}
|
||||
|
||||
|
||||
public String getHint(int hintNumber)
|
||||
public String getHint(WebSession s, int hintNumber)
|
||||
{
|
||||
return (String) getHints().get(hintNumber);
|
||||
return (String) getHints(s).get(hintNumber);
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -140,7 +140,7 @@ public class LogSpoofing extends LessonAdapter
|
||||
|
||||
|
||||
@Override
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Try to fool the humane eye by using new lines.");
|
||||
|
||||
@ -250,7 +250,7 @@ public class PathBasedAccessControl extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -171,7 +171,7 @@ public class Phishing extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -241,7 +241,7 @@ public class ReflectedXSS extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -82,7 +82,7 @@ public class RemoteAdminFlaw extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
public List getHints()
|
||||
public List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("WebGoat has 2 admin interfaces.");
|
||||
|
||||
@ -200,7 +200,7 @@ public class RoleBasedAccessControl extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -210,7 +210,7 @@ public class SQLInjection extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -272,7 +272,7 @@ public class SilentTransactions extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Check the javascript in the HTML source.");
|
||||
|
||||
@ -97,7 +97,7 @@ public class SoapRequest extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -343,7 +343,7 @@ public class SqlNumericInjection extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -259,7 +259,7 @@ public class SqlStringInjection extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -157,7 +157,7 @@ public class StoredXss extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("You can put HTML tags in your message.");
|
||||
|
||||
@ -137,7 +137,7 @@ public class ThreadSafetyProblem extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -242,7 +242,7 @@ public class TraceXSS extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -215,7 +215,7 @@ public class UncheckedEmail extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("Try sending an anonymous message to yourself.");
|
||||
|
||||
@ -99,7 +99,7 @@ public class WSDLScanning extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -260,7 +260,7 @@ public class WeakAuthenticationCookie extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -158,7 +158,7 @@ public class WeakSessionID extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -94,7 +94,7 @@ public class WsSAXInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
|
||||
@ -87,7 +87,7 @@ public class WsSqlInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints
|
||||
|
||||
@ -338,7 +338,7 @@ public class XMLInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
@ -242,7 +242,7 @@ public class XPATHInjection extends LessonAdapter
|
||||
}
|
||||
|
||||
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
// TODO Auto-generated method stub
|
||||
List<String> hints = new ArrayList<String>();
|
||||
|
||||
@ -133,7 +133,7 @@ public class ViewDatabase extends LessonAdapter
|
||||
*
|
||||
* @return The hints value
|
||||
*/
|
||||
protected List getHints()
|
||||
protected List<String> getHints(WebSession s)
|
||||
{
|
||||
List<String> hints = new ArrayList<String>();
|
||||
hints.add("There are no hints defined");
|
||||
|
||||
@ -447,10 +447,12 @@ public class WebSession
|
||||
public String getHint()
|
||||
{
|
||||
String hint = null;
|
||||
|
||||
int hints = getCurrentLesson().getHintCount(this);
|
||||
if (getHintNum() > hints)
|
||||
hintNum = -1;
|
||||
if ( getHintNum() >= 0 )
|
||||
// FIXME
|
||||
hint = getCurrentLesson().getHint( getHintNum() );
|
||||
hint = getCurrentLesson().getHint( this, getHintNum() );
|
||||
|
||||
return hint;
|
||||
}
|
||||
@ -1015,7 +1017,7 @@ public class WebSession
|
||||
String hint = null;
|
||||
|
||||
// FIXME
|
||||
int maxHints = getCurrentLesson().getHintCount();
|
||||
int maxHints = getCurrentLesson().getHintCount(this);
|
||||
if ( hintNum < maxHints - 1 )
|
||||
{
|
||||
hintNum++;
|
||||
@ -1023,7 +1025,7 @@ public class WebSession
|
||||
// Hints are indexed from 0
|
||||
getCurrentLesson().getLessonTracker( this ).setMaxHintLevel( getHintNum() + 1 );
|
||||
|
||||
hint = (String) getCurrentLesson().getHint( getHintNum() );
|
||||
hint = (String) getCurrentLesson().getHint( this, getHintNum() );
|
||||
}
|
||||
|
||||
return hint;
|
||||
@ -1040,7 +1042,7 @@ public class WebSession
|
||||
// Hints are indexed from 0
|
||||
getCurrentLesson().getLessonTracker( this ).setMaxHintLevel( getHintNum() + 1 );
|
||||
|
||||
hint = (String) getCurrentLesson().getHint( getHintNum() );
|
||||
hint = (String) getCurrentLesson().getHint( this, getHintNum() );
|
||||
}
|
||||
|
||||
return hint;
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user