f7b794bf68
Race condition in counting number of attempts #567 ( #697 )
...
Add version to Hibernate mapping so we get optimistic locking this solves
number of parallel calls trying to update/guess and mess with the lesson
counter
2019-11-03 18:14:15 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
1f00d461a8
cleaned logs and changed username length for csrf-uuid
2019-10-15 13:59:18 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
f0d1555a09
Fixed #45 - multiple tracker for one user fixed
2019-08-21 23:38:27 +02:00
e61c943f97
#601 bug: username is case sensitive, but email in general is not
...
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
2019-07-28 20:48:20 +02:00
1d2575a211
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
2018-06-13 11:38:33 +02:00
fc2c99bcb4
Limit the username to letters and digits only
2018-05-29 16:16:52 +02:00
8050a2b56d
XXE lesson not showing correct link for WebWolf
2018-05-01 21:54:28 +02:00
b99b554522
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
2018-01-29 15:29:48 +01:00
ee11381a63
Fixed database issue mappings
2018-01-21 17:13:28 +01:00
a6b9235711
SQL Error '-104' in XSS Lesson Page 7 #416
2018-01-10 12:48:45 +01:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
43b82027f5
Added more content for CSRF lesson
2017-11-22 01:34:05 +01:00
46c536554c
- Added new challenges
...
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
2017-09-12 23:12:10 +02:00
b41751a55c
missing function level ac working again ... after VM implosion
2017-08-08 17:15:20 -06:00
8df1d53471
interim missing function ac commit, traversing dev. env.
2017-08-08 09:28:09 -06:00
b0f66f16fb
initial plumb of scoreboard
2017-05-02 22:24:31 -04:00
a134b25213
Scoreboard now returns the flags captured (title)
2017-05-02 02:45:35 +02:00
eb7a6bd2be
Creating endpoint for the scoreboard
2017-05-02 02:29:47 +02:00
ebf2f9d864
wip
2017-04-15 11:37:43 +02:00
fbf2d1b422
Added validation to detect duplicate users during registration
2017-04-08 08:30:14 +02:00
9833637abf
Fixed exception while logging in with unknown user
2017-03-23 21:46:21 +01:00
259fd19c1b
- Introduced user registration
...
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
2017-03-22 11:35:14 +01:00
