459cc613e1
Update main.css
...
quick update to ensure horizontal space is used
2017-04-21 12:27:37 -04:00
2f72ac4add
Merge branch 'develop' into challenge
2017-04-16 08:54:34 +02:00
a63bf006d6
Language of the browser not english will crash WebGoat during loading of the asciidoc. This is due to the fact we always presume the lesson plan is available in the browser language. It now falls back to 'en' whenever the lesson cannot be found with the language obtained from the browser.
2017-04-16 07:52:30 +02:00
d66db56c86
Added test for LessonMenuService.
2017-04-16 07:28:35 +02:00
7054c44c40
Fixed sorting issue with lessons, in particular the challenges need to be ordered so the intro is displayed first
2017-04-16 05:57:40 +02:00
3ccfcac8ff
Challenge 4 done
2017-04-16 05:14:47 +02:00
213e73bf02
Making database for each user (no sharing between each other)
2017-04-15 18:11:55 +02:00
6f633a0f78
Added the ability to remove all *.progress files when starting the server (for development). This is sometimes necessary when the internal structure of the lessons change but we still use old progress files.
2017-04-15 14:01:11 +02:00
eb13ebc26f
Assignments were not grouped per lesson in the same package
2017-04-15 13:59:57 +02:00
4e3ca68d08
Stop showing old lesson overview after finishing a lesson
2017-04-15 11:37:44 +02:00
e570f4bde2
Fixed pagination not initializing correctly when clicking on menu items
2017-04-15 11:37:44 +02:00
ec338326ea
Separating challenges
2017-04-15 11:37:43 +02:00
9bc219e931
numbering on pagination
2017-04-15 11:37:43 +02:00
e3d281a5f6
refactor of pagination controls
2017-04-15 11:37:43 +02:00
ebf2f9d864
wip
2017-04-15 11:37:43 +02:00
fbf2d1b422
Added validation to detect duplicate users during registration
2017-04-08 08:30:14 +02:00
9833637abf
Fixed exception while logging in with unknown user
2017-03-23 21:46:21 +01:00
5156b05aac
Fixed logout
2017-03-23 21:03:20 +01:00
90eee0e2d8
Adding write_delay option to hsql database (otherwise users were not persisted in database correctly)
2017-03-22 17:04:44 +01:00
c14b172503
Removed default values from login screen
2017-03-22 15:53:50 +01:00
53d30e2274
Fixed saving lesson tracker with reloadable classloader
2017-03-22 15:51:57 +01:00
259fd19c1b
- Introduced user registration
...
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
2017-03-22 11:35:14 +01:00
26ab0dc712
Added support to build an Docker container to run it on Raspberry Pi ( #329 )
...
Added support to build an Docker container to run it on Raspberry Pi #329
2017-03-02 21:31:40 +01:00
f71d02fc6a
Merge branch 'develop' into develop
2017-03-02 21:24:09 +01:00
2d6235e4f0
Provide Server-side service to support UI localization #265
...
- Now also enabled for adoc
2017-03-02 21:17:21 +01:00
7f532f0ffc
XSS lesson updates
2017-02-17 13:05:54 -05:00
af8f8c27a6
moving controls to top of content
2017-02-16 14:56:08 -05:00
33e807797c
Xstream RCE works now
2017-02-07 23:51:05 -05:00
a00546638a
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-02-07 16:06:45 -05:00
b4159385c1
Vulnerable components draft, fixed missing properties in httpbasics when user input was empty
2017-02-07 16:05:30 -05:00
4664669ff2
cleaning up, fixing selected lesson class/es
2017-02-07 18:13:27 +01:00
85ef7ee1a4
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-02-06 09:19:29 -05:00
ae82df3fb4
Fixed issue with loading messages in different language. As a standalone jar you can write properties back to messages.properties, this approach worked when you run with exploded classpath (target/classes etc). However failed when running inside Docker container.
2017-02-05 21:54:07 +01:00
d25700434e
Added tests for assignments
2017-01-31 23:28:59 +01:00
21659ac298
Add Thymeleaf th:href usage instead of pageContext.request.contextPath ( #323 )
...
* Add Thymeleaf th:href usage instead of pageContext.request.contextPath
* Add Thymeleaf th:href usage instead of pageContext.request.contextPath
2017-01-31 12:01:41 -05:00
ee5a12d205
Provide Server-side service to support UI localization #265 ( #322 )
...
merging
2017-01-31 11:52:33 -05:00
fbd37b39bd
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-01-28 11:05:16 -05:00
30bdc89164
Adding Vulnerable Components Category
2017-01-28 11:01:05 -05:00
a0451eeb3a
Adding 'sorted' to lambda/stream
2017-01-27 15:41:46 -05:00
74dd74d4cc
formatting update
2017-01-27 15:40:57 -05:00
f3884fe605
#318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace
2017-01-27 15:31:23 -05:00
693d791075
bumping jquery version to support A-9 lesson
2017-01-26 16:46:05 -05:00
ac16342c17
#315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor
2017-01-25 17:46:31 +01:00
0779f7a3d0
Hints per lesson ( #314 )
...
Squashing and merging ...
* Each assigment should have the options to have its own set of hints #278
* Updating lessons due to changes from #278
* Enable i18n client side #312
* IDOR move hints to assignment and enable i18n #312
2017-01-24 09:34:06 -05:00
9485362309
Getting current release running is hard and obscure #308
...
- README.md for develop only contains 8.0 information (removed legacy information etc)
- Docker image now contains tag for version 8.0
2017-01-15 22:13:05 +01:00
ee0d34e2ea
Merge pull request #310 from misfir3/develop
...
turning off HttpOnly
2017-01-15 18:44:52 +01:00
badbabd439
Fixing can't login to webgoat #307
2017-01-15 16:28:19 +01:00
b970fe37fa
turning off HttpOnly
2017-01-12 17:25:51 -05:00
f8b39d7d8c
#303 Clear current form on successful submission
2017-01-10 15:23:43 -05:00
3274ff7a93
properly scoping data submiission in onFormSubmit
2017-01-10 15:23:43 -05:00
