Commit Graph

78 Commits

Author SHA1 Message Date
6f532683a1 lessonplan character updates so it also works on Windows Cp125 2020-04-20 12:54:18 +02:00
25e66ae412 use of script console instead of browser address bar 2020-04-17 15:33:26 +02:00
089952e9ad quiz fix for CIA, SQL Injection Advanced and XSS + XSS description
change in alert(document.cookie)
2020-04-17 15:33:26 +02:00
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
208aa42fdb relax detection regex (#757)
Allow for content before and after the script; Allow optional semicolon
2020-02-20 20:00:07 +01:00
4e371b63d0 suppressing some useless log messages and banners in unit tests (#752)
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
2020-01-25 12:11:45 +01:00
5dd6b31905 Adjust lesson template (#704)
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
2019-11-17 13:39:56 +01:00
1a83e2825e Code style (#696)
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
0319c477b1 XSS lesson completion fixes (#669)
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
2019-09-29 14:46:18 +02:00
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
f774364461 Working unit tests 2019-09-13 20:05:25 +02:00
7d9f24c86b Update CrossSiteScripting_content9.adoc
Fix broken resource link
2019-08-06 05:26:05 -04:00
4bafc19883 fixed classcast exception on randValue 2019-04-21 13:59:26 +02:00
48d926491f removed possible NullpointerException and System.out 2019-04-21 13:59:26 +02:00
b8e68d13b8 implement xss (mitigation) assignment 6 2019-03-26 08:43:38 +01:00
53c16c8b82 fixed minor spelling mistakes, unified wording 2019-03-26 08:43:38 +01:00
2be2de8ce1 Added improved quiz for cia-triad and xss 2019-03-26 08:43:38 +01:00
e8caeedf53 implemented xss-quiz 2019-03-26 08:43:38 +01:00
84f67b5a7e changed order of xss mitigation lesson 2019-03-26 08:43:38 +01:00
8c7eaf87d6 Fixed package of xss-mitigation assignment. Hints are working again. 2019-03-26 08:43:38 +01:00
587c44b52e Removed unused imports. 2019-03-26 08:43:38 +01:00
1d9abef80f Page after assignment working again. 2019-03-26 08:43:38 +01:00
2f39f48747 deleted unnecessary lines 2019-03-26 08:43:38 +01:00
387a0e8e7d assignment now has working feedback 2019-03-26 08:43:38 +01:00
0bd14d9178 (wrong branch) updated assignment (OWASP Java Encoder) and hints (still not shown) 2019-03-26 08:43:38 +01:00
06a8bd8b0e Strength bar 2019-03-26 08:43:38 +01:00
8bc91ba4ec finished assignment 2019-03-26 08:43:38 +01:00
cfce7763f0 Outcommented lines in XSS Lessons 3 that were causing errors 2019-03-26 08:43:38 +01:00
63502d6328 added jsoup html parser 2019-03-26 08:43:38 +01:00
971062561d renamed hints 2019-03-26 08:43:38 +01:00
e7b69c4953 edited table of relevant special chars (\' not recommended because it's not in the HTML spec) 2019-03-26 08:43:38 +01:00
8944bfcc1d implemented xss mitigation assignment 1, draft validation without parser 2019-03-26 08:43:38 +01:00
6327b82204 ace editor text as request parameter 2019-03-26 08:43:38 +01:00
f209c424b4 mitigation preparations 2019-03-26 08:43:38 +01:00
73c2313658 added assignment draft (not working yet) 2019-03-26 08:43:38 +01:00
eb29ed00ff Removed old unused files from XSS 2019-03-26 08:43:38 +01:00
58dc5d2d41 Removed unnecessary comments from html documents. 2019-03-26 08:43:38 +01:00
600c6203ef Changed the lesson plans of all the XSS lessons. 2019-03-26 08:43:38 +01:00
2ee3b22207 Reworked some XSS assignments 2019-03-26 08:43:38 +01:00
990bf079d3 Added hints for dom-based xss assignment (part 2) 2019-03-26 08:43:38 +01:00
362671e67e Added hints for dom-based xss assignment (part 1) 2019-03-26 08:43:38 +01:00
46f92dad3b Added hints for Reflected XSS assignment. 2019-03-26 08:43:38 +01:00
2962ddbb3e Restructured XSS category. Updated gitignore to ignore TestClass.class. 2019-03-26 08:43:38 +01:00
b0fbeaff2c This improves the text of the lesson about XSS 2018-06-13 17:56:23 +02:00
3d282e163c Show newest comments first
This prevents new comments from not being displayed after a comment containing invalid html has been posted.
2018-06-12 10:54:13 +02:00
7068c84c6a Fix parameter in url and some spelling 2018-06-12 10:54:13 +02:00
ac1b9e8311 cleanup that was missed in prev. commit 2018-05-23 13:35:51 +02:00