Create WebgoatContext in HammerHead, rather than WebSession

Now webgoatContext should effectively be a singleton, shared across all WebSession instances. WebSession now initialises from WebgoatContext. WebSession methods that refer to static "site wide" properties are deeted and references to them updated to point to WebgoatContext git-svn-id: http://webgoat.googlecode.com/svn/trunk@141 4033779f-a91e-0410-96ef-6bf7bf53c507
2007-07-10 11:51:26 +00:00
parent 53487970f6
commit eaf12c706c
7 changed files with 108 additions and 97 deletions
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CommandInjection.java
@ -68,13 +68,13 @@ public class CommandInjection extends LessonAdapter
    protected Element createContent(WebSession s)
    {
 	ElementContainer ec = new ElementContainer();
-	boolean illegalCommand = s.isDefuseOSCommands();
+	boolean illegalCommand = getWebgoatContext().isDefuseOSCommands();
 	try
 	{
 	    String helpFile = s.getParser().getRawParameter(HELP_FILE,
 		    "BasicAuthentication.help");
 	    String safeDirName;
-	    if (s.isDefuseOSCommands()
+	    if (getWebgoatContext().isDefuseOSCommands()
 		    && (helpFile.indexOf('&') != -1 || helpFile.indexOf(';') != -1))
 	    {
 		int index = helpFile.indexOf('&');
@ -123,7 +123,7 @@ public class CommandInjection extends LessonAdapter
 		}
 	    }

-	    if (s.isDefuseOSCommands() && helpFile.indexOf('&') == -1
+	    if (getWebgoatContext().isDefuseOSCommands() && helpFile.indexOf('&') == -1
 		    && helpFile.indexOf(';') == -1)
 	    {
 		if (helpFile.length() > 0)
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/LessonAdapter.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/LessonAdapter.java
@ -81,7 +81,7 @@ public abstract class LessonAdapter extends AbstractLesson
 				+ "In fact, most lessons can be created by following the easy to use instructions in the "
 				+ "<A HREF=http://www.owasp.org/index.php/WebGoat_User_and_Install_Guide_Table_of_Contents>WebGoat User Guide.</A>&nbsp;&nbsp;"
 				+ "If you would prefer, send your lesson ideas to "
-				+ s.getFeedbackAddress()));
+				+ getWebgoatContext().getFeedbackAddress()));

 	String fileName = s.getContext().getRealPath(
 		"doc/New Lesson Instructions.txt");
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/PathBasedAccessControl.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/PathBasedAccessControl.java
@ -102,8 +102,8 @@ public class PathBasedAccessControl extends LessonAdapter
 	    String file = s.getParser().getRawParameter(FILE, "");

 	    // defuse file searching
-	    boolean illegalCommand = s.isDefuseOSCommands();
-	    if (s.isDefuseOSCommands())
+	    boolean illegalCommand = getWebgoatContext().isDefuseOSCommands();
+	    if (getWebgoatContext().isDefuseOSCommands())
 	    {
 		// allow them to look at any file in the webgoat hierachy.  Don't allow them
 		// to look about the webgoat root, except to see the LICENSE file
--- a/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/admin/ReportCardScreen.java
+++ b/webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/admin/ReportCardScreen.java
@ -104,7 +104,7 @@ public class ReportCardScreen extends LessonAdapter
 	ElementContainer ec = new ElementContainer();
 	ec.addElement(new Center(new StringElement(
 		"Comments and suggestions are welcome. "
-			+ s.getFeedbackAddress())));
+			+ getWebgoatContext().getFeedbackAddress())));

 	return ec;
    }