dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

seems that we forgot about this one in the spring-boot-2 upgrade (#674)

Browse Source
This commit is contained in:
René Zubcevic 2019-10-02 14:52:21 +02:00 committed by GitHub
parent 663224d06a
commit fd7fb4cfbc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
webgoat-lessons/challenge/src/main/java/org/owasp/webgoat/challenges/Flag.java
View File

@ -37,6 +37,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.PostConstruct; import javax.annotation.PostConstruct;
import java.util.Map; import java.util.Map;
@ -48,7 +49,8 @@ import java.util.stream.IntStream;
* @since 3/23/17. * @since 3/23/17.
*/ */
@Slf4j @Slf4j
public class Flag { //extends Endpoint { @RestController
public class Flag {
public static final Map<Integer, String> FLAGS = Maps.newHashMap(); public static final Map<Integer, String> FLAGS = Maps.newHashMap();
@Autowired @Autowired
@ -69,12 +71,7 @@ public class Flag { //extends Endpoint {
IntStream.range(1, 10).forEach(i -> FLAGS.put(i, UUID.randomUUID().toString())); IntStream.range(1, 10).forEach(i -> FLAGS.put(i, UUID.randomUUID().toString()));
} }
// @Override @RequestMapping(path="/challenge/flag", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
// public String getPath() {
// return "challenge/flag";
// }
@RequestMapping(method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody @ResponseBody
public AttackResult postFlag(@RequestParam String flag) { public AttackResult postFlag(@RequestParam String flag) {
UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName()); UserTracker userTracker = userTrackerRepository.findByUser(webSession.getUserName());