dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,364 Commits 11 Branches 78 Tags
Commit Graph

2364 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Philippe Lafoucrière
c03b8e22bf Fix webgoat-lesson-template parent artifact ref 
WebGoat 8 latest ([develop](9fdbbf69d6)) has the following compilation error:

```
Building Maven project at /builds/gitlab-org/security-products/tests/webgoat/webgoat-lessons/webgoat-lesson-template.
[INFO] Scanning for projects...
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[FATAL] Non-resolvable parent POM for org.owasp.webgoat.lesson:webgoat-lesson-template:[unknown-version]: Could not find artifact org.owasp.webgoat.lesson:webgoat-lessons-parent:pom:8.0-SNAPSHOT and 'parent.relativePath' points at wrong local POM @ line 6, column 13
 @ 
[ERROR] The build could not read 1 project -> [Help 1]
[ERROR]   
[ERROR]   The project org.owasp.webgoat.lesson:webgoat-lesson-template:[unknown-version] (/builds/gitlab-org/security-products/tests/webgoat/webgoat-lessons/webgoat-lesson-template/pom.xml) has 1 error
[ERROR]     Non-resolvable parent POM for org.owasp.webgoat.lesson:webgoat-lesson-template:[unknown-version]: Could not find artifact org.owasp.webgoat.lesson:webgoat-lessons-parent:pom:8.0-SNAPSHOT and 'parent.relativePath' points at wrong local POM @ line 6, column 13 -> [Help 2]
[ERROR] 
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR] 
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/ProjectBuildingException
[ERROR] [Help 2] http://cwiki.apache.org/confluence/display/MAVEN/UnresolvableModelException
Error: Project couldn't be built: exit status 1
```

This is due to an invalid (obsolete) ref in the parent artifact.

Full logs: https://gitlab.com/gitlab-org/security-products/tests/webgoat/-/jobs/322887707
 2019-10-30 08:28:42 +01:00
Nanne Baars
710adfae20 Upgrade to latest Spring Boot version 2019-10-30 08:28:14 +01:00
Nanne Baars
9b87fd602c Explicitly set session persistence to false (result in non serializable exception) 2019-10-30 08:28:14 +01:00
Nanne Baars
28299f3ced Bind HSQLDB to same address as WebGoat 2019-10-30 08:28:14 +01:00
Nanne Baars
689e3de7a4 Final changes for splitting SQL WebGoat and lessons 2019-10-30 08:28:14 +01:00
Nanne Baars
25dae3a4a8 Fix merge request 2019-10-30 08:28:14 +01:00
Nanne Baars
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
Nanne Baars
e783c0c1f1 SQL: Cannot use apostrophe/quotes on string literals #662 2019-10-30 08:28:14 +01:00
Nanne Baars
2a6b3d189e Disable csrf through property no longer works and we already have it in WebSecurityConfig. Thymeleaf templates caching is set on the resolvers themselves 2019-10-30 08:28:14 +01:00
Nanne Baars
96d11697d4 SQL Injection lesson 6 minor mistakes in examples #663 2019-10-30 08:28:14 +01:00
Nanne Baars
a0933d83d5 Reworked all the SQL statements to be uppercase 2019-10-30 08:28:14 +01:00
Cotonne
9fdbbf69d6 Proposition for fixing broken/improving links (#686) 
* As stated on enzoic.com: "PasswordPing is now Enzoic!"

* Add references to other OWASP resources
 2019-10-16 17:29:27 +02:00
Rene Zubcevic
1f00d461a8 cleaned logs and changed username length for csrf-uuid 2019-10-15 13:59:18 +02:00
Rene Zubcevic
6dc679e7b8 final tests and fixed the issue of getting the name of the loggedinuser 2019-10-15 13:59:18 +02:00
Rene Zubcevic
00873cfe3f csrf7 test cases added 2019-10-15 13:59:18 +02:00
Rene Zubcevic
e932253f06 initial test cases added 2019-10-15 13:59:18 +02:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
e0ac4a1083
lessons in correct order and scoreboard visible again (#680) 2019-10-10 09:45:43 +02:00
René Zubcevic
f140875156
fixed views for password reset (#679) 2019-10-10 07:50:47 +02:00
René Zubcevic
18d43f16d3
working version with fixed link and GET for tracing purposes (#677) 
* working version with fixed link and GET for tracing purposes

* added integration test

* filter on request log
 2019-10-09 09:58:35 +02:00
Atharva Vaidya
aee4b74202 Update Receiving_mail.adoc (#676) 2019-10-03 18:22:54 +02:00
Choe Hyeong Jin
b481ed70e8 Fix typo in SQL Injection(Introduction) (#675) 
Fix typo `date` to `data` which seems more appropriate in context.
 2019-10-03 10:01:35 +02:00
René Zubcevic
fd7fb4cfbc
seems that we forgot about this one in the spring-boot-2 upgrade (#674) 2019-10-02 14:52:21 +02:00
René Zubcevic
663224d06a
xxe path info (#670) 
* xxe path info aid added

* xxe path info aid added

*  changes to template file and hints

* added ssl test support for XXE

* added ssl test support for XXE

* restconfig replaced by httpsrelaxed

* processed review comments on hints and example
 2019-10-02 09:59:32 +02:00
René Zubcevic
7536770769
deserialization made solvable again (#673) 
* first objects and unit tests for making a fix for the lesson

* example added

* unit test for windows and linux

* added unit tests hints and feedbacks and updated lesson pages

* small typo correction
 2019-10-02 08:26:48 +02:00
René Zubcevic
6c14f4987c Update IntroductionWebWolf.adoc 
use aangepast in gebruiker
 2019-10-02 07:55:57 +02:00
Rene Zubcevic
3d38ed7680 some text change 2019-10-02 07:55:57 +02:00
Rene Zubcevic
1a11702979 NL intro 2019-10-02 07:55:57 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
René Zubcevic
45c7949118
Merge pull request #668 from afcidk/fix-typo 
thanks for the fix
 2019-09-27 15:05:59 +02:00
Pei Hsuan Hung
9b906a2a29 Fix typo in XXE lesson 2019-09-25 00:37:36 +08:00
Nanne Baars
686d8b0c85
Merge pull request #667 from WebGoat/spring-boot-2 
Spring boot 2
 2019-09-24 17:09:09 +02:00
Nanne Baars
d080b3ef06 Review comment 2019-09-24 07:36:49 +02:00
Nanne Baars
dad9c75ee0 Fix tests after updating from develop, changes applied for migrating to Spring Boot 2 2019-09-23 17:35:04 +02:00
Nanne Baars
35c1305ce9 Merge conflicts resolved 2019-09-23 07:34:27 +02:00
Nanne Baars
261f947777 Fix 2019-09-20 17:45:33 +02:00
Nanne Baars
c8ef848657 Fix 2019-09-20 17:36:15 +02:00
Nanne Baars
f29b923eef FIx? 2019-09-20 17:10:58 +02:00
Nanne Baars
6fe5831f11 FIx? 2019-09-20 16:46:26 +02:00
Nanne Baars
cf00454f8b Testing issue 2019-09-20 08:30:07 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
René Zubcevic
3ec4592fb2
Merge pull request #657 from WebGoat/xxe-int-test 
XXE tests added
 2019-09-19 18:09:02 +02:00
Nanne Baars
d7a2596670 Update lesson template 2019-09-19 07:54:30 +02:00
Nanne Baars
9c431eb2a3 Remove (was not generated btw) 2019-09-18 18:03:40 +02:00
Nanne Baars
1be9397c21 Add notifications from Travis 2019-09-18 18:02:14 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
René Zubcevic
4777dab57a review comments processed 2019-09-18 17:46:32 +02:00
Rene Zubcevic
a5cb5b0e8e removed log in checkresults 2019-09-18 16:16:44 +02:00
Rene Zubcevic
30d38f9b56 completed test 2019-09-18 16:10:52 +02:00
Rene Zubcevic
ec236a4ff5 First steps in XXE integration tests 2019-09-18 14:48:34 +02:00