dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

First attempt to remove JSP and move to Thymeleaf and update to Spring Boot. The Thymeleaf templates can be loaded as snippets which makes it more easy to move away from ECS and create normal HTML pages for a lesson.

Browse Source
This commit is contained in:
Nanne Baars
2016-04-05 08:19:50 +02:00
parent 7f91671c8f
commit ecc8cb391b
186 changed files with 14439 additions and 13920 deletions
Download Patch File Download Diff File Expand all files Collapse all files

112
webgoat-container/src/main/resources/templates/about.html Normal file
View File

@ -0,0 +1,112 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-hidden="true">&times;</button>
<h3 class="modal-title" id="myModalLabel">About WebGoat - Provided by the OWASP Foundation</h3>
</div>
<div class="modal-body modal-scroll">
<p>Thanks for hacking The Goat!</p>
<p>WebGoat is a demonstration of common web application flaws. The
associated exercises are intended to provide hands-on experience with
techniques aimed at demonstrating and testing application penetration.
</p>
<p>From the entire WebGoat team, we appreciate your interest and efforts
in making applications not just better, but safer and more secure for
everyone. We, as well as our sacrificial goat, thank you.</p>
<p>
Version: ${version},&nbsp;Build: ${build}
</p>
<div class="row">
<div class="col-md-6">
<p>Contact us:
<ul>
<li>WebGoat mailing list: ${emailList}</li>
<li>Bruce Mayhew: ${contactEmail}</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>WebGoat Authors
<ul>
<li>Bruce Mayhew (Author & Project Lead)</li>
<li>Jeff Williams (Author & Original Idea)</li>
<li>Jason White (Architect)</li>
<li>Nanne Baars (Plugin Architecture)</li>
<li>Richard Lawson (Architect)</li>
</ul>
</p>
</div>
<div class="col-md-6">
<p>Active Contributors
<ul>
<li>Nanne Baars (Developer)</li>
<li>Jason White (Developer)</li>
<li>Doug Morato (Developer & CI)</li>
<li>Jeff Wayman (Docs)</li>
<li>Bruce Mayhew (Developer)</li>
<li>Michael Dever (Developer)</li>
</ul>
</p>
</div>
</div>
<div class="row">
<div class="col-md-6">
<p>WebGoat Design Team (Active)
<ul>
<li>Nanne Baars (Plugin Architecture)</li>
<li>Bruce Mayhew (Goat Herder)</li>
<li>Jeff Wayman (Website and Docs)</li>
<li>Jason White (User Interface)</li>
</ul>
</p><br/>
<p>Corporate Sponsorship - Companies that have donated significant time to WebGoat development
<ul>
<li>Aspect Security</li>
<li>Ounce Labs</li>
</ul>
</p><br/>
<p>Did we miss you? Our sincere apologies, as we know there have
been many contributors over the years. If your name does not
appear in any of the lists above, please send us a note. We'll
get you added with no further sacrifices required.</p>
</div>
<div class="col-md-6">
<p>Past Contributors
<ul>
<li>Dave Cowden (Everything)</li>
<li>Richard Lawson (Service Layer)</li>
<li>Keith Gasser (Survey/Security)</li>
<li>Devin Mayhew (Setup/Admin)</li>
<li>Li Simon (Developer)</li>
<li>Ali Looney (UI Design)</li>
<li>David Anderson (Developer/Design)</li>
<li>Christopher Blum (Lessons)</li>
<li>Laurence Casey (Graphics)</li>
<li>Brian Ciomei (Bug fixes)</li>
<li>Rogan Dawes (Lessons)</li>
<li>Erwin Geirnaert (Solutions)</li>
<li>Aung Knant (Documentation)</li>
<li>Ryan Knell (Lessons)</li>
<li>Christine Koppeit (Build)</li>
<li>Sherif Kousa (Lessons/Documentation)</li>
<li>Reto Lippuner (Lessons)</li>
<li>PartNet (Lessons)</li>
<li>Yiannis Pavlosoglou (Lessons)</li>
<li>Eric Sheridan (Lessons)</li>
<li>Alex Smolen (Lessons)</li>
<li>Chuck Willis (Lessons)</li>
<li>Marcel Wirth (Lessons)</li>
</ul>
</p>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
</div>
</div>

1
webgoat-container/src/main/resources/templates/lesson_content.html Normal file
View File

@ -0,0 +1 @@
<h1>Lesson content</h1>

68
webgoat-container/src/main/resources/templates/login.html Normal file
View File

@ -0,0 +1,68 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<title>Login Page</title>
<!-- CSS -->
<link rel="stylesheet" type="text/css" th:href="@{/css/main.css}" />
<link rel="stylesheet" type="text/css" th:href="@{/plugins/bootstrap/css/bootstrap.min.css}" />
<link rel="stylesheet" type="text/css" th:href="@{/css/font-awesome.min.css}" />
<link rel="stylesheet" type="text/css" th:href="@{/css/animate.css}" />
</head>
<body>
<section id="container">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="${pageContext.request.contextPath}/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
</div><!--toggle navigation end-->
<div class="lessonTitle" >
</div><!--lesson title end-->
</header>
<section class="main-content-wrapper">
<section id="main-content" >
<div th:if="${param.error}">
Invalid username and password.
</div>
<div th:if="${param.logout}">
You've been logged out successfully.
</div>
<br/><br/>
<form th:action="@{/login}" method='POST' style="width: 400px;">
<div class="form-group">
<label for="exampleInputEmail1">Username</label>
<input type="text" class="form-control" id="exampleInputEmail1" placeholder="Username" name='username'/>
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" placeholder="Password" name='password'/>
</div>
<button class="btn btn-large btn-primary" type="submit">Sign in</button>
</form>
<br/><br/>
<h4>The following accounts are built into Webgoat</h4>
<table class="table table-bordered" style="width:400px;">
<thead>
<tr class="warning"><th>Account</th><th>User</th><th>Password</th></tr>
</thead>
<tbody>
<tr><td>Webgoat User</td><td>guest</td><td>guest</td></tr>
<tr><td>Webgoat Admin</td><td>webgoat</td><td>webgoat</td></tr>
</tbody>
</table>
<br/><br/>
</section>
</section>
</section>
</body>
</html>

204
webgoat-container/src/main/resources/templates/main_new.html Normal file
View File

@ -0,0 +1,204 @@
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org">
<head>
<meta http-equiv="Expires" CONTENT="0"/>
<meta http-equiv="Pragma" CONTENT="no-cache"/>
<meta http-equiv="Cache-Control" CONTENT="no-cache"/>
<meta http-equiv="Cache-Control" CONTENT="no-store"/>
<!--[if lt IE 7]>
<html class="no-js lt-ie9 lt-ie8 lt-ie7"/> <![endif]-->
<!--[if IE 7]>
<html class="no-js lt-ie9 lt-ie8"/> <![endif]-->
<!--[if IE 8]>
<html class="no-js lt-ie9"/> <![endif]-->
<!--[if gt IE 8]><!-->
<!-- CSS -->
<link rel="shortcut icon" th:href="@{/images/favicon.ico}" type="image/x-icon"/>
<link rel="stylesheet" type="text/css" th:href="@{/css/main.css}"/>
<link rel="stylesheet" type="text/css" th:href="@{/plugins/bootstrap/css/bootstrap.min.css}"/>
<link rel="stylesheet" type="text/css" th:href="@{/css/font-awesome.min.css}"/>
<link rel="stylesheet" type="text/css" th:href="@{/css/animate.css}"/>
<!-- end of CSS -->
<!-- JS -->
<script src="js/modernizr-2.6.2.min.js"/>
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="js/html5shiv.js"/>
<script src="js/respond.min.js"/>
<![endif]-->
<!-- Require.js used to load js asynchronously -->
<script src="js/libs/require.min.js" data-main="js/main.js"/>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"/>
<title>WebGoat</title>
</head>
<body>
<section id="container">
<header id="header">
<!--logo start-->
<div class="brand">
<a href="${pageContext.request.contextPath}/start.mvc" class="logo"><span>Web</span>Goat</a>
</div>
<!--logo end-->
<div class="toggle-navigation toggle-left">
<button type="button" class="btn btn-default" id="toggle-menu" data-toggle="tooltip" data-placement="right"
title="Toggle Navigation">
<i class="fa fa-bars"></i>
</button>
</div><!--toggle navigation end-->
<div id="lesson-title-wrapper">
</div><!--lesson title end-->
<div class="user-nav pull-right" id="user-and-info-nav" style="margin-right: 75px;">
<div class="dropdown" style="display:inline">
<button type="button" data-toggle="dropdown" class="btn btn-default dropdown-toggle" id="user-menu">
<i class="fa fa-user"></i> <span class="caret"></span>
</button>
<ul class="dropdown-menu dropdown-menu-left">
<li role="presentation"><a role="menuitem" tabindex="-1" href="/login?logout">Logout</a></li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">User: ${user}</a>
</li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Role: ${role}</a>
</li>
<li role="presentation" class="divider"></li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">${version}</a>
</li>
<li role="presentation" class="disabled"><a role="menuitem" tabindex="-1" href="#">Build:
${build}</a></li>
</ul>
</div>
<button type="button" id="about-button" class="btn btn-default right_nav_button" title="About WebGoat"
data-toggle="modal" data-target="#about-modal">
<i class="fa fa-info"></i>
</button>
<a href="mailto:${contactEmail}?Subject=Webgoat%20feedback" target="_top">
<button type="button" class="btn btn-default right_nav_button" data-toggle="tooltip" title="Contact Us">
<i class="fa fa-envelope"></i>
</button>
</a>
</div>
</header>
<aside class="sidebar">
<div id="menu-container"></div>
</aside>
<!--sidebar left end-->
<!--main content start-->
<section class="main-content-wrapper">
<section id="main-content"> <!--ng-controller="goatLesson"-->
<div class="row">
<div class="col-md-8">
<div class="col-md-12" align="left">
<div class="panel" id="help-controls">
<button class="btn btn-primary btn-xs btn-danger help-button" id="show-source-button">Show Source
</button>
<button class="btn btn-primary btn-xs btn-danger help-button" id="show-solution-button">Show Solution
</button>
<button class="btn btn-primary btn-xs btn-danger help-button" id="show-plan-button">Show Plan</button>
<button class="btn btn-primary btn-xs btn-danger help-button" id="show-hints-button">Show Hints
</button>
<button class="btn btn-xs help-button" id="restart-lesson-button">Restart Lesson</button>
</div>
<div class="lesson-hint" id="lesson-hint-container">
<h4>Hints</h4>
<div class="panel">
<div class="panel-body" id="lesson-hint">
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-left"
id="show-prev-hint"></span>
<span class="glyphicon-class glyphicon glyphicon-circle-arrow-right"
id="show-next-hint"></span>
<br/>
<span id="lesson-hint-content"></span>
</div>
</div>
</div>
</div>
<div class="col-md-12" align="left">
<div id="lesson-content-wrapper" class="panel">
</div>
</div>
</div><!--col-md-8 end-->
<div class="col-md-4">
<div class="col-md-12">
<div class="panel">
<div class="panel-body">
<div align="left">
<h3>Cookies / Parameters</h3>
</div>
<hr/>
<div id="cookies-and-params">
<div id="cookies-view">
<h4>Cookies</h4>
</div>
<div id="params-view"> <!--class="paramsView"-->
<h4>Params</h4>
</div>
</div>
</div>
</div>
</div>
</div><!--col-md-4 end-->
</div>
<div id="lesson-helps-wrapper" class="panel">
<div class="lesson-help" id="lesson-plan-row">
<div class="col-md-12">
<h4>Lesson Plan</h4>
<div class="panel">
<div class="panel-body" id="lesson-plan-content">
<!-- allowing jQuery to handle this one -->
</div>
</div>
</div>
</div>
<div class="lesson-help" id="lesson-solution-row">
<div class="col-md-12">
<h4>Lesson Solution</h4>
<div class="panel">
<div class="panel-body" id="lesson-solution-content">
</div>
</div>
</div>
</div>
<div class="lesson-help" id="lesson-source-row">
<div class="col-md-12">
<h4>Lesson Source Code</h4>
<div class="panel">
<div class="panel-body" id="lesson-source-content">
</div>
</div>
</div>
</div>
</div>
</section>
</section>
</section>
<!-- About WebGoat Modal -->
<div class="modal" id="about-modal" tabindex="-1" role="dialog" aria-labelledby="myModalLabel" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<!-- TODO@NB
<jsp:include page="../pages/about.jsp"/> -->
</div>
</div>
</div>
</body>
</html>