2fd09c3084 
					 
					
						
						
							
							Add a new Concurrency lesson  
						
						... 
						
						
						
						Created by Ryan Knell @Aspect Security
git-svn-id: http://webgoat.googlecode.com/svn/trunk@222  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-10 10:08:45 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3b128c8ebb 
					 
					
						
						
							
							Removed space from path information  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@221  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-09 19:50:49 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						84ca966ce5 
					 
					
						
						
							
							Added client side validation to HiddenFieldTampering.java, added a new ECS makeButton with a OnClick function, corrected authorship in several files  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@220  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-09 13:28:07 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3645564018 
					 
					
						
						
							
							Added source parameter to "Show Java" for showing lesson source code.  Added Google Mail configuration to UncheckedEmail lesson.  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@219  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-08 12:53:09 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d92c716ff4 
					 
					
						
						
							
							Added source parameter to "Show Java" for showing lesson source code.  Added Google Mail configuration to UncheckedEmail lesson.  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@218  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-08 12:51:13 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						23e7fe1f4f 
					 
					
						
						
							
							Build cleanup in order to create a complete developer distribution.  More menu cleanup  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@217  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-03 21:09:17 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f6e0cb7ed0 
					 
					
						
						
							
							Don't know what these are?  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@216  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-03 21:06:52 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						822ce10ca2 
					 
					
						
						
							
							5.1 RC2 build updates  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@215  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-02 14:05:58 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c1f55215a8 
					 
					
						
						
							
							Menu cleanup for Lab stages.  Shortened menu names for most lessons.  Changed category naming to be more meaningful.  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@214  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2008-01-02 13:48:19 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ee0bc82bec 
					 
					
						
						
							
							Single platform build.xml  
						
						... 
						
						
						
						Modified Lesson banners
Solutions guide and framework
git-svn-id: http://webgoat.googlecode.com/svn/trunk@213  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-10-08 20:37:43 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a9fe7e6099 
					 
					
						
						
							
							Implement non-coding modes for the labs  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@211  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:57:57 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f62eb33c4b 
					 
					
						
						
							
							Commit Dave's fixes  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@210  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:57:17 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d9979e46ed 
					 
					
						
						
							
							Another place where we need to compare without case  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@209  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:56:51 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b67bb702d2 
					 
					
						
						
							
							Fix more places where the email address was hard-coded  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@208  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:56:35 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6de7bd9ec9 
					 
					
						
						
							
							Fix the feedback address in other places  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@207  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:56:06 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d65f5bfd85 
					 
					
						
						
							
							Make the stages not right aligned  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@206  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:55:57 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7fd112bc5d 
					 
					
						
						
							
							Update Random Access Lessons to not include the stage number in the text  
						
						... 
						
						
						
						We add the stage number programmatically now, since we want to be able
to skip some stages.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@205  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:55:49 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						add34a24dc 
					 
					
						
						
							
							Make the test for the Auth header name case-insensitive  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@204  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-25 12:55:18 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						043c0e5926 
					 
					
						
						
							
							Remove Microsoft quotes  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@203  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:37:58 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						fb76b4916f 
					 
					
						
						
							
							Unify web.xml files. Also update the webgoat contact email address  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@202  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:37:42 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f9b5f8eddf 
					 
					
						
						
							
							Show completion of individual lesson stages  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@201  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:37:31 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a2f99be11a 
					 
					
						
						
							
							Remove unnecessary setMessage() calls  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@200  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:37:24 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f831487fa2 
					 
					
						
						
							
							Add descriptions to the stages  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@199  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:36:42 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						002dbbf53c 
					 
					
						
						
							
							Point the windows config file to use the HSQLDB database  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@198  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:36:11 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5fd4b44303 
					 
					
						
						
							
							Fix line endings  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@197  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:36:02 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c65faceb1a 
					 
					
						
						
							
							A recent change to AbstractLesson.getLink() broke visit tracking  
						
						... 
						
						
						
						Fix the lesson tracking to be more specific.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@196  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:35:42 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c1ddbd078f 
					 
					
						
						
							
							Correctly specify an in-memory database  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@195  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:35:31 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ee8e9d91bb 
					 
					
						
						
							
							Mark SequentialLessonAdapter as abstract to prevent instantiation  
						
						... 
						
						
						
						Otherwise it shows up as an "Untitled Lesson"
git-svn-id: http://webgoat.googlecode.com/svn/trunk@194  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:35:22 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						0c2e04c655 
					 
					
						
						
							
							Remove unused import  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@193  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:35:06 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7af27f7d1b 
					 
					
						
						
							
							Make per-user in-memory databases actually work  
						
						... 
						
						
						
						Previously we would just get a connection to the same database, regardless
of the user specified in the connect string. Trying to create
HSQLDB users did not seem to work. Non-ADMIN users don't have
CREATE TABLE privileges, it seems, and I couldn't find docs that
describe how to GRANT CREATE TABLE privileges. Go figure.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@192  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:34:53 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						cf047786f3 
					 
					
						
						
							
							An INSERT statement cannot be executed as a query  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@191  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:34:31 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d04371884b 
					 
					
						
						
							
							Allow WebGoat to create per-user databases  
						
						... 
						
						
						
						This creates the infrastructure to allow WebGoat to create per-user
databases, so that any modifications made by one user do not affect
other users. Some lessons may have made provision for this internally
(e.g. CrossSiteScripting lesson), but this simplifies things generally.
This also switches the default database from Access on windows, and
Enhydra on Unix/other platforms to using HSQLDB, in an "in-memory"
configuration. We may get performance problems from having too many
instances of the database in memory at once at sites that have 10's
of users banging on a central WebGoat. Only time will tell.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@190  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:34:14 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9d19fa2433 
					 
					
						
						
							
							Remove unused code to clean up warnings  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@189  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:33:14 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9e352396d3 
					 
					
						
						
							
							Remove warnings by generic'ising users of Collections classes  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@188  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:32:59 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e41a5ca395 
					 
					
						
						
							
							Removed unused code that was generating warnings  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@187  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:32:31 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						4a70fdac26 
					 
					
						
						
							
							Add automatically generated serialVersionUID to silence warnings  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@186  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:32:08 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d709ff9506 
					 
					
						
						
							
							Fix warnings  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@185  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:31:42 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9ea97126b8 
					 
					
						
						
							
							Use AbstractLesson.getLink() and getFormAction() more  
						
						... 
						
						
						
						Rather than constructing URL's manually all the time, rather
make use of existing mechanisms to create the URL, and use
it consistently.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@184  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:31:11 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e27aaccb45 
					 
					
						
						
							
							Make multi-stage lessons show the individual stages in the menu  
						
						... 
						
						
						
						While we are about it, make AbstractLesson.getLink() include
the category (i.e. menu), so that the menu selection script
will still work.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@183  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:29:53 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						77ab0c5406 
					 
					
						
						
							
							Update stage completion message  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@182  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:29:33 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						84f3b5033d 
					 
					
						
						
							
							Minor changes to the challenge screen  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@181  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:29:15 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						184eaae260 
					 
					
						
						
							
							Update the messages issued when a stage is completed.  
						
						... 
						
						
						
						We provide an automatic message on completion, which is easy to override.
Simply call setMessage() AFTER calling setStageComplete().
git-svn-id: http://webgoat.googlecode.com/svn/trunk@180  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:29:07 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ab0423cb78 
					 
					
						
						
							
							Update the stage descriptions and instructions  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@179  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:28:24 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ad7f4aec68 
					 
					
						
						
							
							Re-add Aspect credits for various lessons  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@178  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-18 13:28:02 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5f5e2e829a 
					 
					
						
						
							
							The return type fix got lost.  
						
						... 
						
						
						
						I don't know how to get back to the point in the SVN history
to fix this so that the build will actually work. I guess
I'd better just apply it here.
git-svn-id: http://webgoat.googlecode.com/svn/trunk@177  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 13:40:01 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						47a7619652 
					 
					
						
						
							
							Fixes: Make sure procedures are created in the right scope/user  
						
						... 
						
						
						
						Also, create the EMPLOYEE table first, since Oracle checks for it
git-svn-id: http://webgoat.googlecode.com/svn/trunk@176  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 12:56:41 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						afb5b9e740 
					 
					
						
						
							
							SQLPLUS does not process CREATE PROCEDURE lines without a trailing /  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@175  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 12:56:33 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7bb2c087a0 
					 
					
						
						
							
							Add lesson plans for the DB labs  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@174  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 12:56:26 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d1fe861a75 
					 
					
						
						
							
							Add a DB Cross Site Scripting lesson  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@173  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 12:56:13 +00:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						73035769aa 
					 
					
						
						
							
							Add stored procedures for the DB Cross Stie Scripting Lesson  
						
						... 
						
						
						
						git-svn-id: http://webgoat.googlecode.com/svn/trunk@172  4033779f-a91e-0410-96ef-6bf7bf53c507 
						
						
					 
					
						2007-07-11 12:55:32 +00:00