0319c477b1
XSS lesson completion fixes ( #669 )
...
* XSS lesson completion fixes
* removed log all
* lesson progress capable of deprecated assignments in the database
* fixed unit test for lesson progress
2019-09-29 14:46:18 +02:00
d080b3ef06
Review comment
2019-09-24 07:36:49 +02:00
261f947777
Fix
2019-09-20 17:45:33 +02:00
c8ef848657
Fix
2019-09-20 17:36:15 +02:00
6fe5831f11
FIx?
2019-09-20 16:46:26 +02:00
cf00454f8b
Testing issue
2019-09-20 08:30:07 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
dceb375d5e
WIP
2019-09-13 18:57:40 +02:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
2283f945a9
Fix failing configuration
2019-08-25 17:53:36 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
f0d1555a09
Fixed #45 - multiple tracker for one user fixed
2019-08-21 23:38:27 +02:00
e61c943f97
#601 bug: username is case sensitive, but email in general is not
...
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
2019-07-28 20:48:20 +02:00
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes
...
increased sql form fields and fixed chrome progress
2019-07-25 08:39:34 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
ea38973068
UTF-8 config added for ThymeLeaf
2019-07-22 08:21:34 +02:00
63a1097466
owasp categories
2019-07-14 12:38:11 +02:00
e57c9d05b6
added checkbox and corrected fall back for the other labels
2019-04-21 14:10:01 +02:00
b02a01d35e
squash
2019-03-26 08:43:38 +01:00
6d974b5fa8
Fixed lesson sorting issue
2019-03-26 08:43:38 +01:00
1bcddaf710
Reworked and polished assignment 8 and 9 (C and I)
2019-03-26 08:43:38 +01:00
6fe7582dfb
Added an assignment for compromising availability to the sql injections (introduction).
...
WIP
2019-03-26 08:43:38 +01:00
75b1895122
Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection"
2019-03-26 08:43:38 +01:00
6e36cc1ea4
removed unnecessary interceptors
2019-03-26 08:37:47 +01:00
1c2648e0a9
disable the fallback to the system locale to fix unit test and establish the desired behaviour
2019-03-26 08:37:47 +01:00
ed490a5ecf
Fix for #545
...
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
2019-01-16 11:07:30 +01:00
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection
...
Fix sql injection
2018-06-13 18:41:05 -06:00
1d2575a211
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
2018-06-13 11:38:33 +02:00
56fc983414
Update database layout so that proposed solution works
2018-06-12 17:40:28 +02:00
fc2c99bcb4
Limit the username to letters and digits only
2018-05-29 16:16:52 +02:00
60ef35e241
Working lesson
2018-05-23 14:28:19 +02:00
9d7886d572
More JWT work
2018-05-23 14:28:19 +02:00
ea9c1a453d
Initial version for JWT
2018-05-23 14:28:19 +02:00
84860e65f6
Insecure Deserialization exercise
2018-05-23 13:58:03 +02:00
8050a2b56d
XXE lesson not showing correct link for WebWolf
2018-05-01 21:54:28 +02:00
e4ca0c4836
Make report working again
2018-04-27 19:26:01 +02:00
e422da4c64
Polling for lesson updates (updates the menu and page navigation)
2018-04-27 18:50:13 +02:00
245ba2c3d1
Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson.
2018-04-24 20:44:05 +02:00
672d78eebc
Resource bundle in UTF-8
2018-04-23 16:12:50 +02:00
b99b554522
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
2018-01-29 15:29:48 +01:00
ee11381a63
Fixed database issue mappings
2018-01-21 17:13:28 +01:00
2cc6c232e2
Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration
2018-01-15 20:56:59 +01:00
a6b9235711
SQL Error '-104' in XSS Lesson Page 7 #416
2018-01-10 12:48:45 +01:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
dd7f4074cd
Added encoding for asciidoc
2017-12-28 00:16:16 +01:00
43b82027f5
Added more content for CSRF lesson
2017-11-22 01:34:05 +01:00
5eed385d5d
When an adoc file cannot be found the complete lesson crashed, made it failsafe with a logging statement.
2017-11-17 07:08:24 +01:00
fc1353b2f1
Pom cleanup
2017-11-02 16:14:44 +01:00
3ee1a1ca16
Travis now builds Docker and create a Github release.
...
Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications
2017-10-18 10:54:16 +02:00
