All successful

webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/xxe/XXE.java

@@ -23,34 +23,17 @@
 package org.owasp.webgoat.xxe;
 
 import org.owasp.webgoat.lessons.Category;
-import org.owasp.webgoat.lessons.NewLesson;
+import org.owasp.webgoat.lessons.Lesson;
 import org.springframework.stereotype.Component;
 
-import java.util.ArrayList;
-import java.util.List;
-
 @Component
-public class XXE extends NewLesson {
+public class XXE extends Lesson {
 
     @Override
     public Category getDefaultCategory() {
         return Category.XXE;
     }
 
-    @Override
-    public List<String> getHints() {
-        List<String> hints = new ArrayList<String>();
-        hints.add("Try submitting the form and see what happens");
-        hints.add("XXE stands for XML External Entity attack");
-        hints.add("Try to include your own DTD");
-        return hints;
-    }
-
-    @Override
-    public Integer getDefaultRanking() {
-        return 4;
-    }
-
     @Override
     public String getTitle() {
         return "xxe.title";

webgoat-lessons/xxe/src/test/java/org/owasp/webgoat/xxe/BlindSendFileAssignmentTest.java

@@ -34,6 +34,8 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @RunWith(SpringJUnit4ClassRunner.class)
 public class BlindSendFileAssignmentTest extends LessonTest {
 
+    @Autowired
+    private XXE xxe;
     @Autowired
     private Comments comments;
     @Value("${webgoat.user.directory}")
@@ -45,11 +47,9 @@ public class BlindSendFileAssignmentTest extends LessonTest {
     public WireMockRule webwolfServer = new WireMockRule(wireMockConfig().dynamicPort());
 
     @Before
-    public void setup() throws Exception {
-        XXE xxe = new XXE();
+    public void setup() {
         when(webSession.getCurrentLesson()).thenReturn(xxe);
         this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
-        when(webSession.getUserName()).thenReturn("unit-test");
         port = webwolfServer.port();
     }
 

webgoat-lessons/xxe/src/test/java/org/owasp/webgoat/xxe/ContentTypeAssignmentTest.java

@@ -47,15 +47,15 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @RunWith(SpringJUnit4ClassRunner.class)
 public class ContentTypeAssignmentTest extends LessonTest {
 
+    @Autowired
+    private XXE xxe;
     @Autowired
     private Comments comments;
 
     @Before
-    public void setup() throws Exception {
-        XXE xxe = new XXE();
+    public void setup() {
         when(webSession.getCurrentLesson()).thenReturn(xxe);
         this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
-        when(webSession.getUserName()).thenReturn("unit-test");
     }
 
     @Test

webgoat-lessons/xxe/src/test/java/org/owasp/webgoat/xxe/SimpleXXETest.java

@@ -28,6 +28,7 @@ import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.owasp.webgoat.plugins.LessonTest;
 import org.owasp.webgoat.xxe.XXE;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
 import org.springframework.test.web.servlet.setup.MockMvcBuilders;
@@ -43,12 +44,13 @@ import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.
 @RunWith(SpringJUnit4ClassRunner.class)
 public class SimpleXXETest extends LessonTest {
 
+    @Autowired
+    private XXE xxe;
+
     @Before
-    public void setup() throws Exception {
-        XXE xxe = new XXE();
+    public void setup() {
         when(webSession.getCurrentLesson()).thenReturn(xxe);
         this.mockMvc = MockMvcBuilders.webAppContextSetup(this.wac).build();
-        when(webSession.getUserName()).thenReturn("unit-test");
     }
 
     @Test