diff --git a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java index 80dfbc496..f4ecbc4ea 100644 --- a/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java +++ b/webgoat-integration-tests/src/test/java/org/owasp/webgoat/GeneralLessonTest.java @@ -87,7 +87,6 @@ public class GeneralLessonTest extends IntegrationTest { .get(url("/WebGoat/HttpProxies/intercept-request?changeMe=Requests are tampered easily")).then() .statusCode(200).extract().path("lessonCompleted"), CoreMatchers.is(true)); checkResults("/HttpProxies/"); - } @Test diff --git a/webgoat-lessons/http-proxies/src/main/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequest.java b/webgoat-lessons/http-proxies/src/main/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequest.java index 5cc5389e2..37d4cc138 100644 --- a/webgoat-lessons/http-proxies/src/main/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequest.java +++ b/webgoat-lessons/http-proxies/src/main/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequest.java @@ -31,6 +31,11 @@ import org.springframework.web.bind.annotation.*; @RestController public class HttpBasicsInterceptRequest extends AssignmentEndpoint { +// @ExceptionHandler(MissingServletRequestParameterException.class) +// public AttackResult handleMissingParams() { +// return trackProgress(failed().feedback("http-proxies.intercept.failure").build()); +// } + @GetMapping("/HttpProxies/intercept-request") @ResponseBody public AttackResult completed(@RequestHeader(value = "x-request-intercepted", required = false) Boolean headerValue, @@ -42,14 +47,9 @@ public class HttpBasicsInterceptRequest extends AssignmentEndpoint { } } - @PostMapping("/HttpProxies/intercept-request") - @ResponseBody - public AttackResult post() { - return trackProgress(failed().feedback("http-proxies.intercept.failure").build()); - } - - @ExceptionHandler(MissingServletRequestParameterException.class) - public AttackResult handleMissingParams() { - return trackProgress(failed().feedback("http-proxies.intercept.failure").build()); - } +// @PostMapping("/HttpProxies/intercept-request") +// @ResponseBody +// public AttackResult post() { +// return trackProgress(failed().feedback("http-proxies.intercept.failure").build()); +// } } diff --git a/webgoat-lessons/http-proxies/src/test/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequestTest.java b/webgoat-lessons/http-proxies/src/test/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequestTest.java index eca0c0c5a..19838dcc1 100644 --- a/webgoat-lessons/http-proxies/src/test/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequestTest.java +++ b/webgoat-lessons/http-proxies/src/test/java/org/owasp/webgoat/http_proxies/HttpBasicsInterceptRequestTest.java @@ -88,13 +88,13 @@ public class HttpBasicsInterceptRequestTest extends AssignmentEndpointTest { .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false))); } - @Test - public void whenPostAssignmentShouldNotPass() throws Exception { - mockMvc.perform(MockMvcRequestBuilders.post("/HttpProxies/intercept-request") - .header("x-request-intercepted", "true") - .param("changeMe", "Requests are tampered easily")) - .andExpect(status().isOk()) - .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("http-proxies.intercept.failure")))) - .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false))); - } +// @Test +// public void whenPostAssignmentShouldNotPass() throws Exception { +// mockMvc.perform(MockMvcRequestBuilders.post("/HttpProxies/intercept-request") +// .header("x-request-intercepted", "true") +// .param("changeMe", "Requests are tampered easily")) +// .andExpect(status().isOk()) +// .andExpect(jsonPath("$.feedback", CoreMatchers.is(messages.getMessage("http-proxies.intercept.failure")))) +// .andExpect(jsonPath("$.lessonCompleted", CoreMatchers.is(false))); +// } } \ No newline at end of file