ac4b06f11b
Move enabling security to WebGoat core and add resetting the lessons.
...
We can use it for more lessons and showcase how to apply security directly from the source code.
Resolves : #1176
2021-12-20 16:45:06 +01:00
f8dda37027
Rename properties
...
Rename `webwolf.url.*` to `webwolf.*.url` making it easier to move to a configuration class as no nested property is necessary
2021-11-23 13:22:08 +01:00
ff67ee6484
Update to correct version
2021-10-04 14:40:19 +02:00
04d1293a33
#1045 : Run build with Java 16
2021-09-23 16:09:28 +02:00
42369816c9
1026 ( #1047 )
...
* Move back to Java 15 as XML parsers fail with XXE lesson
* Documentation improvement
2021-09-17 13:46:58 +02:00
60bd04b9aa
Move to snapshot version
2021-07-29 11:13:16 +03:00
69a370f438
New release, updating pom.xml
2021-05-23 20:11:23 +02:00
a53ba0af5c
Fix for accidentally disabled integration tests ( #997 )
...
* drop column is no longer required due to better db seperation
'
* integration test fix with BeforeAll
2021-05-19 18:20:31 +02:00
a1071e9c00
Fix return type of asciidoctor macro implementation.
2021-04-23 15:11:56 +02:00
d0f36f5227
Fix failing XXE test
2021-04-03 22:31:27 +02:00
b3f7a5338e
Update to latest versions
2021-04-03 10:58:22 +02:00
14621003d7
Remove banner.txt as you can set it with a property in application.properties
2021-03-31 19:31:13 +02:00
cda852f4e8
Run unit tests again for all lessons and rewrite all to JUnit 5
...
Due to the migration to Spring Boot 2.4 the Vintage dependency was no longer included by default, resulting in skipping all unit tests.
2021-03-31 19:31:13 +02:00
ae6d448aa0
Replace ${revision} with real version as Maven
...
The CI pipeline should take care of this.
2021-03-31 19:31:13 +02:00
b8bdb8f432
Updating to the new development version
2021-03-30 14:05:26 +00:00
935871c39a
Add some debugging information to know which test cases might have failed
2021-03-29 07:30:03 +02:00
ce6e4d2090
Fix issue with looking for all directories one present should be enough
2021-03-29 07:30:03 +02:00
f2ab5c1968
Update JWT lesson
2021-03-15 17:48:13 +01:00
ad5ab4ca2e
Fixes #321 ( #935 )
...
Copyright year was "20014", replaced to "2014"
Fixed the old github.io URL which no longer exist
See https://github.com/WebGoat/WebGoat/issues/321
2021-02-18 19:06:11 +01:00
60c7fdd0db
activation button tested
2020-12-09 19:40:16 +01:00
bce4c775bf
initial idea for explanation on static code analysis and experience of the fix
2020-12-09 19:40:16 +01:00
574039902d
changed version to snapshot version and introduced revision parameter
...
for it
2020-11-27 12:15:19 +01:00
dac011db78
fix failing test (order)
2020-10-21 08:05:53 +02:00
41879c4603
Blind XXE lesson blocks including the file in the comment directly
2020-10-20 22:09:49 +02:00
317573c897
Small fixes june 2020 ( #857 )
...
* issue 849
* another integration test for a challenge
* fixing issue 848
* updated link for issue 833
* fix for 847
2020-07-08 19:26:09 +02:00
671691a5ed
XXE_changing_content_type.adoc: Typo fixes
2020-05-24 09:56:43 +02:00
f326755190
XXE_intro.adoc: Typo fixes
2020-05-24 09:56:43 +02:00
99edda6029
XXE_plan.adoc: Typo fixes
2020-05-24 09:56:43 +02:00
39740e069e
New release
2020-05-22 14:10:31 +02:00
5739705d8a
Process review comments
2020-05-22 10:10:42 +02:00
9b72610510
Extend XXE lesson with more content and add solution description
...
Remove obsolete images
Add stylesheet items specific for asciidoctor so we can for icons and source numbering
2020-05-22 10:10:42 +02:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
663224d06a
xxe path info ( #670 )
...
* xxe path info aid added
* xxe path info aid added
* changes to template file and hints
* added ssl test support for XXE
* added ssl test support for XXE
* restconfig replaced by httpsrelaxed
* processed review comments on hints and example
2019-10-02 09:59:32 +02:00
9b906a2a29
Fix typo in XXE lesson
2019-09-25 00:37:36 +08:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
ec236a4ff5
First steps in XXE integration tests
2019-09-18 14:48:34 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
63a1097466
owasp categories
2019-07-14 12:38:11 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
aa2eac0cd8
fixed test
2019-04-21 14:14:23 +02:00
6d974b5fa8
Fixed lesson sorting issue
2019-03-26 08:43:38 +01:00
4050e899ff
changed unit test to dynamic port to prevent port conflict and build failure
2019-03-26 08:37:47 +01:00
