dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,269 Commits 11 Branches 78 Tags
Commit Graph

154 Commits

Author SHA1 Message Date
Nanne Baars
4a19ddf40a Endpoints provided by lessons now work 2016-05-13 14:45:53 +02:00
Nanne Baars
79102c6ddd Lessons which load JavaScript etc now works 2016-04-26 18:59:51 +02:00
Nanne Baars
9066e45725 Updating README and moving webapp dir to old 2016-04-10 21:22:20 +02:00
Nanne Baars
289da771c9 Login and logout works together with context root 2016-04-10 14:56:27 +02:00
Nanne Baars
d0acfc00c0 Menu options about version, user info work again. 2016-04-09 22:08:40 +02:00
Nanne Baars
576333af7c Merging changes from Daniel back into the Spring Boot structure 
- different js location
  - Fixed label debugging which kept on reloading and reloading the lesson
  - Changes from .jsp merged into .html
 2016-04-09 15:40:53 +02:00
Nanne Baars
a8ea4a16e6 Images from solutions are loading again 2016-04-09 14:09:34 +02:00
Nanne Baars
8ff02cab6d Fully working WebGoat after migrating to Spring Boot. 2016-04-09 14:09:29 +02:00
Nanne Baars
ecc8cb391b First attempt to remove JSP and move to Thymeleaf and update to Spring Boot. The Thymeleaf templates can be loaded as snippets which makes it more easy to move away from ECS and create normal HTML pages for a lesson. 2016-04-09 14:06:03 +02:00
Nanne
7f91671c8f Merge pull request #229 from span/start-page-link 
Fix broken start/home link on logo
 2016-04-08 18:27:37 +02:00
Nanne
a8f8d4b4fa Merge pull request #228 from span/developer-controls 
Developer controls
 2016-04-08 18:27:29 +02:00
Nanne
263ce31db3 Merge pull request #224 from WebGoat/feature/137 
Admin should also be able to see the solution, source and lesson plan.
 2016-04-08 18:27:21 +02:00
Nanne
407a5a810b Merge pull request #220 from WebGoat/feature/169 
Feature/169
 2016-04-08 18:27:12 +02:00
Nanne
46b24d72c9 Merge pull request #212 from nbaars/develop 
Fixed #184
 2016-04-08 18:27:00 +02:00
Daniel Kvist
0401779f58 Fix broken test 2016-03-31 23:06:16 +02:00
Daniel Kvist
7758947711 Load welcome.mvc instead of start.mvc when navigating home on the log, fixes #218 2016-03-31 23:02:54 +02:00
Daniel Kvist
58ae7f3727 Move loading of developer controls so they do not reload every time. Also reload current lesson after reloading labels. Ref webgoat/webgoat#93. 2016-03-31 22:56:17 +02:00
Daniel Kvist
2be4248ea3 Add menu toggle to show/hide the controls. Ref webgoat/webgoat#93 2016-03-30 22:38:18 +02:00
Daniel Kvist
e6fb74fa55 Implementation of developer controls to reload plugins and set label debugging from the GUI. Ref: webgoat/webgoat#93 2016-03-30 22:07:11 +02:00
Nanne Baars
b06d9ffd81 Admin should also be able to see the solution, source and lesson plan. 2016-03-29 01:24:07 +02:00
Nanne Baars
042a62624f Fixed the classnames in the wsdd config file (moved to different package) 2016-03-29 00:17:01 +02:00
Nanne Baars
015dcbde38 Added image for Github developers documentation about lesson progress implementation. 2016-03-28 08:38:25 +02:00
Nanne Baars
60192db921 Renamed everything to 'progress' instead of 'completed' 2016-03-28 08:37:18 +02:00
Nanne Baars
b4cc27c761 Lesson completed message is now within js which makes it possible to show the Congratulation message after the CSRF link has been clicked. 
Same as marking the lesson complete green checkbox
 2016-03-27 17:46:06 +02:00
Nanne Baars
1815494681 Injection Flaws -> Limit Command Injection success to a set of commands and clarify this to the user #179 
- Defuse command boolean flag is no longer necessary due to a change in the lesson, removed this flag from the webgoat-container project
 2016-03-19 12:40:28 +01:00
Daniel Kvist
6c92f0629e Fix #213 by changing the id of the restart button to the correct it 2016-03-18 21:11:49 +01:00
Nanne Baars
7a7fb088ad #173 Added the URL for WebGoat to the console output 2016-03-18 14:38:49 +01:00
Nanne Baars
bc6b040f42 Injection Flaws | XPath Injection date file path issue #184 
- Enabled the lesson again because lesson has been fixed
 2016-03-18 13:39:18 +01:00
Nanne Baars
50c4d9c170 Removed duplicate entry 2016-03-18 13:17:10 +01:00
Nanne
5d393d1d65 Merge pull request #207 from span/weak-auth-cookie-enable 
Enable weak authentication cookie lesson
 2016-02-25 22:07:46 +01:00
Nanne
f5a5335e31 Merge pull request #205 from muzir/develop 
-- Remove raw type usage, add type check parameter.
 2016-02-25 22:06:24 +01:00
Daniel Kvist
a9a7c18592 Enable weak authentication cookie lesson if webgoat/webgoat#181 is not reproducible 2016-02-24 15:23:03 +01:00
muzir
25f08ea9b4 -- Remove raw type usage, add type check parameter. 
-- Remove unused variable and unused imports.
 2016-02-23 15:15:47 +02:00
Jason White
575c940655 #180, clean up 2016-02-18 21:26:32 -05:00
Jason White
7c65441c8e #180, better management of show* buttons 2016-02-18 19:44:12 -05:00
Ruslan Boyarsky
daa05dd192 Seems locale should not depend of request's Accept-Language header. 
Signed-off-by: Nanne Baars <nbaars@xebia.com>
 2016-02-12 23:42:21 +01:00
mayhew64
dbb75980c9 Merge pull request #197 from span/htmlencoder 
Fixes #195 by adding static initialisation of the maps
 2016-02-12 13:02:41 -05:00
Daniel Kvist
77c4a04d3d Fixes #195 by adding static initialisation of the maps rather then using the constructor 2016-02-04 23:27:31 +01:00
Daniel Kvist
59549e3b21 Add stage parameter in the session to keep track of current stage so that we do not reset the stage and recreate the database in the middle of a lesson. To do this a small refactor of WebSession was made which simply extracts some methods from the previously large update method. Ref #176. 2016-02-04 23:21:12 +01:00
Doug Morato
724c084abf Updading develop branch pom versions to 7.1-SNAPSHOT 2016-02-01 18:30:53 -05:00
Doug Morato
f825bead8b The OWASP WebGoat 7.0.1 Release 2016-02-01 18:09:48 -05:00
Daniel Kvist
370c34b7da Disable cross-site scripting lab 2016-02-01 21:47:28 +01:00
Doug Morato
35e9b36b00 [maven-release-plugin] prepare for next development iteration 2016-02-01 13:57:19 -05:00
Doug Morato
dcf1995fe8 [maven-release-plugin] prepare release 7.0 2016-02-01 13:57:16 -05:00
Doug Morato
6320c2d22d Fixining all the javadoc issues preventing the release 
In order to perfom a Sonatype OSS release, all the javadocs must pe corretly and completely parsed in order to pass the release requirement.
This comment is only adding "comments' pertaining to javadoc. NO CODE HAS BEEN CHANGED

Signed-off-by: Doug Morato <dm@corp.io>
 2016-01-31 23:14:50 -05:00
mayhew64
416fda799b issue #147 disabling broken lessons 2016-01-30 13:45:26 -05:00
Jason White
76fa797857 #167 removing refrences to github.io in code 2016-01-18 06:42:05 -05:00
Jason White
07f0cea0a0 #165 cleaning up interim code 2016-01-14 09:03:43 -05:00
Jason White
b3541231bc #165 provide default and ability to override in lesson 2016-01-14 09:01:47 -05:00
Nanne Baars
e1be080eea Forced browsing lesson does not show success #143 2016-01-06 18:47:59 +02:00