dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
3,738 Commits 11 Branches 78 Tags
55ac1b6ba124c027954bbfd5bc8943b6bc46c7e0
Commit Graph

3738 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Nanne Baars
0d4cc06342 chore: new release 2025.1 v2025.1 2025-03-01 16:38:56 +01:00
Nanne Baars
1d74727db6 chore: new release 2025.0 v2025.0 2025-03-01 16:03:06 +01:00
dependabot[bot]
957cd161f2 chore: bump org.wiremock:wiremock-standalone from 3.11.0 to 3.12.0 (#2026) 
Bumps [org.wiremock:wiremock-standalone](https://github.com/wiremock/wiremock) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/wiremock/wiremock/releases)
- [Commits](https://github.com/wiremock/wiremock/compare/3.11.0...3.12.0)

---
updated-dependencies:
- dependency-name: org.wiremock:wiremock-standalone
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-01 11:01:46 +01:00
Nanne Baars
16b7a13de8 chore: add test case for multiple users solving lessons (#2043) 2025-02-28 20:56:15 +01:00
Nanne Baars
95dcc56a19 fix: register user while already logged in as other user. (#2042) 2025-02-28 20:56:00 +01:00
Nanne Baars
55bd0a49db chore: cleanup IT tests (#2040) 2025-02-28 18:39:23 +01:00
dependabot[bot]
b5af30c819 chore: bump docker/build-push-action from 6.13.0 to 6.14.0 (#2033) 2025-02-27 18:35:10 +01:00
dependabot[bot]
3d4780d7e0 chore: bump org.testcontainers:testcontainers from 1.20.4 to 1.20.5 (#2034) 2025-02-27 18:34:58 +01:00
dependabot[bot]
92d4981b90 chore: bump com.diffplug.spotless:spotless-maven-plugin (#2035) 2025-02-27 18:34:47 +01:00
dependabot[bot]
8166b10c1a chore: bump org.testcontainers:junit-jupiter from 1.20.4 to 1.20.5 (#2036) 2025-02-27 18:34:36 +01:00
dependabot[bot]
6d1ebadf85 chore: bump org.springframework.boot:spring-boot-starter-parent (#2037) 2025-02-27 18:34:24 +01:00
dependabot[bot]
9572a7b840 chore: bump com.microsoft.playwright:playwright from 1.49.0 to 1.50.0 (#2025) 2025-02-22 20:55:35 +01:00
dependabot[bot]
6c16d4ccfc chore: bump io.github.bonigarcia:webdrivermanager from 5.9.2 to 5.9.3 (#2027) 2025-02-22 20:55:07 +01:00
dependabot[bot]
93c3f19ca7 chore: bump org.jruby:jruby from 9.4.11.0 to 9.4.12.0 (#2028) 2025-02-22 20:54:55 +01:00
dependabot[bot]
fadb07d73e chore: bump devops-infra/action-pull-request from 0.5.5 to 0.6.0 (#2029) 2025-02-22 20:54:44 +01:00
dependabot[bot]
f66126e53d chore: bump devops-infra/action-commit-push from 0.9.2 to 0.10.0 (#2030) 2025-02-22 20:54:32 +01:00
Nanne Baars
c3c520f487 refactor: small updates and improvements in HTTP Basic lesson (#2024) 
* refactor: cleanup attack result and builder

* refactor: solve compiler warnings

* feature: improve HTTP basics lesson

Closes: #494
 2025-02-18 14:26:21 +01:00
Nanne Baars
00f3538be2 chore: format all code according to SPDX (#2023) 2025-02-16 19:48:05 +01:00
dependabot[bot]
2a5b4385ea chore: bump com.diffplug.spotless:spotless-maven-plugin (#2006) 
Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 2.41.1 to 2.44.2.
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](https://github.com/diffplug/spotless/compare/maven/2.41.1...maven/2.44.2)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 19:52:40 +01:00
dependabot[bot]
79ac5b7b99 chore: bump docker/build-push-action from 6.12.0 to 6.13.0 (#2012) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.12.0 to 6.13.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:55:37 +01:00
dependabot[bot]
8638d94595 chore: bump org.springframework.boot:spring-boot-starter-parent (#2013) 
Bumps [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.4.1 to 3.4.2.
- [Release notes](https://github.com/spring-projects/spring-boot/releases)
- [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.1...v3.4.2)

---
updated-dependencies:
- dependency-name: org.springframework.boot:spring-boot-starter-parent
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:55:26 +01:00
dependabot[bot]
3ef5e34dd0 chore: bump org.jruby:jruby from 9.4.9.0 to 9.4.11.0 (#2017) 
Bumps org.jruby:jruby from 9.4.9.0 to 9.4.11.0.

---
updated-dependencies:
- dependency-name: org.jruby:jruby
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:55:09 +01:00
dependabot[bot]
019ab0495f chore: bump com.auth0:java-jwt from 4.4.0 to 4.5.0 (#2018) 
Bumps [com.auth0:java-jwt](https://github.com/auth0/java-jwt) from 4.4.0 to 4.5.0.
- [Release notes](https://github.com/auth0/java-jwt/releases)
- [Changelog](https://github.com/auth0/java-jwt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/auth0/java-jwt/compare/4.4.0...4.5.0)

---
updated-dependencies:
- dependency-name: com.auth0:java-jwt
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:54:59 +01:00
dependabot[bot]
2aeee521ab chore: bump org.wiremock:wiremock-standalone from 3.10.0 to 3.11.0 (#2019) 
Bumps [org.wiremock:wiremock-standalone](https://github.com/wiremock/wiremock) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/wiremock/wiremock/releases)
- [Commits](https://github.com/wiremock/wiremock/compare/3.10.0...3.11.0)

---
updated-dependencies:
- dependency-name: org.wiremock:wiremock-standalone
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:54:49 +01:00
dependabot[bot]
b940e5ce58 chore: bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2022) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-15 18:54:38 +01:00
Nanne Baars
9c90a24cc0 docs(CSRFFeedback.java): fixed one invalid solution about CSRF attack (#2010) 
Co-authored-by: HackHuang <GoogTech@outlook.com>
Co-authored-by: HackHuang <hi@goog.tech>
 2025-01-26 20:23:40 +01:00
dependabot[bot]
2ac50bfbd8 chore: bump docker/build-push-action from 6.11.0 to 6.12.0 (#2005) 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.11.0 to 6.12.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-26 19:18:25 +01:00
Nanne Baars
d96dbe2edf fix: build failure 2025-01-26 18:47:10 +01:00
Nanne Baars
8e45316638 feat: Introduce Playwright for UI testing 
Instead of using Robot Framework which does not run during a `mvn install`. Playwright seems to be the better approach. We can now write them as normal JUnit test and they are executed during a build.

Additionally this PR solves some interesting bugs found during writing Playwright tests:

- A reset of a lesson removes all assignments as a result another user wouldn't see any assignments
- If someone solves an assignment the assignment automatically got solved for a new user since the assignment included the `solved` flag which immediately got copied to new lesson progress.
- Introduction of assignment progress linking a assignment not directly to all users.
 2025-01-26 16:59:59 +01:00
dependabot[bot]
9d5ab5fb21 chore: bump docker/setup-qemu-action from 3.1.0 to 3.3.0 (#2000) 2025-01-14 23:33:20 +01:00
dependabot[bot]
aee7abc6b7 chore: bump docker/build-push-action from 6.10.0 to 6.11.0 (#2001) 2025-01-14 23:32:04 +01:00
Nanne Baars
06e2fdbd33 refactor: use symbolic link for Java (#1996) 2025-01-12 16:17:45 +01:00
dependabot[bot]
02f43c54d0 chore: bump org.springframework.boot:spring-boot-starter-parent (#1994) 2024-12-25 11:00:53 +01:00
dependabot[bot]
19f4f8dc46 chore: bump com.google.guava:guava from 33.3.1-jre to 33.4.0-jre (#1995) 2024-12-25 11:00:37 +01:00
Nanne Baars
112ca3ab22 fix: enable resource patterns again (#1993) 
`LessonScanner.java` got removed by mistake.

Closes: gh-1992
 2024-12-21 18:47:30 +01:00
Nanne Baars
0244655409 feat: Move to Java 23 
Closes: gh-1990
 2024-12-21 14:16:33 +01:00
dependabot[bot]
a95213757d chore: bump org.springframework.boot:spring-boot-starter-parent from 3.3.5 to 3.4.0 (#1962) 2024-12-16 20:16:10 +01:00
dependabot[bot]
6d90852c1f chore: bump org.apache.commons:commons-text from 1.12.0 to 1.13.0 (#1986) 2024-12-16 20:15:53 +01:00
Nanne Baars
4f8652758c refactor: remove unused code (#1985) 2024-12-15 13:06:49 +01:00
Nanne Baars
5fc2e0602c refactor: move plugin messages (#1968) 2024-12-03 22:13:44 +01:00
dependabot[bot]
f3c7f4588b chore: bump docker/build-push-action from 6.9.0 to 6.10.0 (#1969) 2024-12-03 22:13:24 +01:00
dependabot[bot]
119b84d034 chore: bump org.wiremock:wiremock-standalone from 3.9.2 to 3.10.0 (#1970) 2024-12-03 22:13:11 +01:00
dependabot[bot]
afd951228d chore: bump org.jsoup:jsoup from 1.18.1 to 1.18.3 (#1971) 2024-12-03 22:13:00 +01:00
Jeong Rok Suh
51e3f59054 fix: Hint labels showing default text regardless of localization (#1965) 2024-11-26 23:34:09 +01:00
dependabot[bot]
cc0efd8600 chore: bump commons-io:commons-io from 2.17.0 to 2.18.0 (#1961) 2024-11-26 23:21:10 +01:00
dependabot[bot]
e29dccf3c9 chore: bump org.testcontainers:junit-jupiter from 1.20.3 to 1.20.4 (#1963) 2024-11-26 23:20:25 +01:00
dependabot[bot]
0cf861fb3c chore: bump org.testcontainers:testcontainers from 1.20.3 to 1.20.4 (#1964) 2024-11-26 23:20:11 +01:00
Nanne Baars
d8100385b6 fix: automatically solve XSS mitigation (#1957) 
This PR moves the mitigation Java class into the correct package.

The lesson was automatically solved because no assignments were found.

Closes: #1943
 2024-11-14 08:42:55 +01:00
Nanne Baars
4880afa0e3 fix: remove implicit context path guessing (#1956) 
Pass the context-path in the assignment overview so the frontend can easily match an assignment.
 2024-11-13 21:32:28 +01:00
dependabot[bot]
e60ca6ce72 chore: bump org.jruby:jruby from 9.4.8.0 to 9.4.9.0 (#1954) 2024-11-11 13:46:45 +01:00