WebGoat

Author	SHA1	Message	Date
Àngel Ollé Blázquez	1c86f465dc	Renamed to clientsidefiltering	2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez	3b330fb328	Renamed to chromedevtools	2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez	8a35316985	Rename to bypassrestrictions	2022-07-31 22:39:21 +02:00
Àngel Ollé Blázquez	c63345e4ee	Rename authbypass	2022-07-31 22:39:21 +02:00
René Zubcevic	005b9f03a4	search the menu using input box (#1317 ) * working version * change onchange to oninput with minimum of three chars * working version with delay and fix for category click	2022-07-31 20:45:09 +02:00
René Zubcevic	4d48bd3d4c	fix in style sheet that now shows normal dropdown behaviour (#1315 )	2022-07-27 13:44:23 +02:00
René Zubcevic	71afc6b6f3	Workflow fix (#1311 ) * conditional step * conditional step	2022-07-25 09:55:24 +02:00
Àngel Ollé Blázquez	242fdf39a1	Fixes #1233 - Path traversal seems to contain wrong description	2022-07-24 22:09:16 +02:00
Nanne Baars	37163a99a6	Remove unused script	2022-07-24 15:34:43 +02:00
Nanne Baars	126ead2290	Add release notes	2022-07-24 15:34:43 +02:00
Àngel Ollé Blázquez	928bc32f4f	Update README.md	2022-07-24 15:34:08 +02:00
René Zubcevic	6b63aaf8b1	Robot framework (#1304 ) * added Robot framework UI tests * added Robot framework UI tests workflow * Update test.yml wait in workflow * remove obsolete selenium java libs and test * Update test.yml push result to commit as comment * Update test.yml push comment does not seem to work on WebGoat PR * clean up unrequired robot options * update readme	2022-07-24 12:28:01 +02:00
Àngel Ollé Blázquez	c4f16ceff6	Update README.md	2022-07-23 21:56:39 +02:00
Nanne Baars	4050d1817c	Move to JRE image	2022-07-23 09:39:52 +02:00
Nanne Baars	37186e1d90	Explicity add ports to Java command This way we don't have to mention it somewhere in the documentation it is all in one command	2022-07-23 09:39:52 +02:00
Nanne Baars	06b7244de7	Move XXE lesson to category A3: Injection	2022-07-23 09:39:52 +02:00
Nanne Baars	260168bb3f	Remove automatic selection of a random port	2022-07-23 09:39:52 +02:00
dependabot[bot]	af9ba18040	Bump docker/build-push-action from 3.0.0 to 3.1.0 (#1302 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3.0.0...v3.1.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-20 18:50:11 +02:00
René Zubcevic	20dd3ffb95	Lang switch (#1297 ) * language selector first steps * language german intro added * ascii doc lang attribute as additional option * removed some commented code * changed adoc resource loader to take into account the selected language * added readme * added lang test cases	2022-07-20 10:52:48 +02:00
Nanne Baars	24fcc8f321	Use starting instead of using.	2022-07-19 21:17:09 +02:00
Nanne Baars	ff965c83be	Adjust year	2022-07-19 21:17:09 +02:00
Nanne Baars	2aa3609461	Fix typo	2022-07-19 21:17:09 +02:00
Nanne Baars	fe7774bb6f	Update documentation regarding WebWolf WebWolf no longer runs as a separate application we can simplify the description.	2022-07-19 21:17:09 +02:00
René Zubcevic	9e3eb39069	removed one duplicate label key and made all login and register fields multi language (#1296 )	2022-07-16 06:53:39 +02:00
René Zubcevic	7add1ef73e	hints tested (#1295 )	2022-07-15 12:44:37 +02:00
René Zubcevic	4fc03381a8	Label hint tests (#1293 ) * label test * adjusted it test filter * label test added	2022-07-15 08:17:11 +02:00
René Zubcevic	16af4272a5	joda time refactored some dep fix (#1292 )	2022-07-14 09:11:06 +02:00
dependabot[bot]	b47568ed69	Bump actions/cache from 3.0.4 to 3.0.5 (#1291 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.4 to 3.0.5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.4...v3.0.5) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-14 09:03:51 +02:00
René Zubcevic	f8b7ca5c85	Pom update (#1290 ) * asciidoctorj update * pom and suppression updates	2022-07-11 13:28:44 +02:00
René Zubcevic	e4eb5d783a	Some updates and code improvements (#1288 ) * try with resources * StringBuilder * removed ant and updated spring boot	2022-07-10 17:13:26 +02:00
dependabot[bot]	7dd0dd0923	Bump actions/cache from 3.0.3 to 3.0.4 (#1270 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-20 15:25:31 +02:00
dependabot[bot]	aeb481e561	Bump actions/cache from 3.0.2 to 3.0.3 (#1260 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.2 to 3.0.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.2...v3.0.3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-04 18:06:55 +02:00
dependabot[bot]	8a22c88d61	Bump docker/build-push-action from 2.10.0 to 3.0.0 (#1252 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.10.0 to 3.0.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-05-18 08:36:51 +02:00
dependabot[bot]	724666e10f	Bump docker/setup-buildx-action from 1 to 2 (#1253 ) Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 1 to 2. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-05-18 08:36:39 +02:00
dependabot[bot]	4953dd63ed	Bump docker/setup-qemu-action from 1.1.0 to 2.0.0 (#1254 ) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 1.1.0 to 2.0.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v1.1.0...v2.0.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-05-18 08:36:28 +02:00
dependabot[bot]	a32055995d	Bump docker/login-action from 1.14.1 to 2.0.0 (#1255 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 1.14.1 to 2.0.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-05-18 08:36:01 +02:00
Àngel Ollé Blázquez	3c0b243797	Added new active developer (#1249 ) Fix footer	2022-05-06 07:34:49 +02:00
Àngel Ollé Blázquez	dfa31e0a28	JWT doc code typo fix (#1247 )	2022-04-20 08:16:21 +02:00
René Zubcevic	b32240f96b	owasp top10-2021 (#1235 )	2022-04-11 21:12:41 +02:00
René Zubcevic	02c3f9551f	update spring boot (#1242 )	2022-04-11 21:12:10 +02:00
dependabot[bot]	bc91ca86e8	Bump actions/cache from 2.1.7 to 3.0.2 (#1239 ) Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.0.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v2.1.7...v3.0.2) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-04-11 18:14:54 +02:00
dependabot[bot]	1dadf20ee0	Bump actions/checkout from 2 to 3 (#1240 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-04-11 18:14:42 +02:00
dependabot[bot]	4ff41299e3	Bump actions/setup-java from 2 to 3 (#1241 ) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 3. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-04-11 18:14:28 +02:00
Àngel Ollé Blázquez	a9fa53535d	Fix Build Badge and Link (#1238 )	2022-04-11 07:45:58 +02:00
Nanne Baars	711649924b	Refactoring (#1201 ) * Some initial refactoring * Make it one application * Got it working * Fix problem on Windows * Move WebWolf * Move first lesson * Moved all lessons * Fix pom.xml * Fix tests * Add option to initialize a lesson This way we can create content for each user inside a lesson. The initialize method will be called when a new user is created or when a lesson reset happens * Clean up pom.xml files * Remove fetching labels based on language. We only support English at the moment, all the lesson explanations are written in English which makes it very difficult to translate. If we only had labels it would make sense to support multiple languages * Fix SonarLint issues * And move it all to the main project * Fix for documentation paths * Fix pom warnings * Remove PMD as it does not work * Update release notes about refactoring Update release notes about refactoring Update release notes about refactoring * Fix lesson template * Update release notes * Keep it in the same repo in Dockerhub * Update documentation to show how the connection is obtained. Resolves: #1180 * Rename all integration tests * Remove command from Dockerfile * Simplify GitHub actions Currently, we use a separate actions for pull-requests and branch build. This is now consolidated in one action. The PR action triggers always, it now only trigger when the PR is opened and not in draft. Running all platforms on a branch build is a bit too much, it is better to only run all platforms when someone opens a PR. * Remove duplicate entry from release notes * Add explicit registry for base image * Lesson scanner not working when fat jar When running the fat jar we have to take into account we are reading from the jar file and not the filesystem. In this case you cannot use `getFile` for example. * added info in README and fixed release docker * changed base image and added ignore file Co-authored-by: Zubcevic.com <rene@zubcevic.com>	2022-04-09 14:56:12 +02:00
neilnaveen	f3d8206a07	Set permissions for GitHub actions (#1228 ) - Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs [Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/) Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much. Signed-off-by: neilnaveen <42328488+neilnaveen@users.noreply.github.com>	2022-04-09 12:54:32 +02:00
dependabot[bot]	56f5b0f0fa	Bump actions/cache from 2.1.7 to 3 (#1220 ) Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3. - [Release notes](https://github.com/actions/cache/releases) - [Commits](https://github.com/actions/cache/compare/v2.1.7...v3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-26 14:33:06 +01:00
dependabot[bot]	bed2eed8d8	Bump docker/build-push-action from 2.7.0 to 2.10.0 (#1218 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 2.7.0 to 2.10.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2.7.0...v2.10.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-26 14:32:53 +01:00
dependabot[bot]	984548ae88	Bump actions/checkout from 2 to 3 (#1213 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-09 14:52:49 +01:00
dependabot[bot]	32475ea37e	Bump docker/login-action from 1.13.0 to 1.14.1 (#1214 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 1.13.0 to 1.14.1. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1.13.0...v1.14.1) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-03-09 14:52:28 +01:00

... 3 4 5 6 7 ...

2941 Commits