dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,489 Commits 11 Branches 78 Tags
59c96f98907c09bea5bd74c2978f4310d10fe231
Commit Graph

91 Commits

Author SHA1 Message Date
Nanne Baars
1a854a500e Lesson overview 2016-11-29 20:27:54 +01:00
Mario Zupan
6acd149e5f Issue #265: Created LabelService to support UI localization 2016-11-23 14:20:43 +01:00
Doug Morato
3340eb92dd Merge branch 'feature/spring-boot' into develop 
* feature/spring-boot: (92 commits)
  XXE checkin
  XXE checkin
  XXE first attempt
  HTTP-Basics mark lesson complete issue fixed
  cleaning up some
  fixing the scroll 'sliver' problem. Likely need to check back on this when menu grows again
  lesson pagination fixes mainly, some other fixes included & clean up
  Incremental style changes
  refactor to help accomodate multiple attacks and output in one 'page'
  Updated some of the credits
  double-feedback fix on single page
  commenting out to stop redundant callbacks
  few cleanup items, added least privilege
  Fixed test for password
  First wave is complete; some rendering issues
  Trying to wire up the DB connection and fill out first sql stub
  Fixing hide/show of next/prev buttons
  another stub
  First round of sql injection with stubs
  Give focus to username when loading the login page
  ...

Signed-off-by: Doug Morato <dm@corp.io>

# Conflicts:
#	.travis.yml
#	README.MD
#	pom.xml
#	webgoat-container/pom.xml
#	webgoat-container/src/main/java/org/owasp/webgoat/HammerHead.java
#	webgoat-container/src/main/java/org/owasp/webgoat/lessons/AbstractLesson.java
#	webgoat-container/src/main/java/org/owasp/webgoat/lessons/LessonAdapter.java
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
#	webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java
#	webgoat-container/src/main/java/org/owasp/webgoat/session/WebgoatContext.java
#	webgoat-container/src/main/resources/static/js/goatApp/controller/LessonController.js
#	webgoat-container/src/main/resources/webgoat.properties
#	webgoat-container/src/main/webapp/META-INF/context.xml
#	webgoat-container/src/main/webapp/WEB-INF/context.xml
#	webgoat-container/src/main/webapp/js/goatApp/view/LessonContentView.js
#	webgoat-container/src/test/java/org/owasp/webgoat/plugins/WebGoatIT.java
#	webgoat-container/src/test/resources/log4j.properties
#	webgoat_developer_bootstrap.sh
 2016-11-18 22:37:39 -05:00
Nanne Baars
5babe19f2b Fixed issue with lesson tracking 2016-11-15 09:28:39 +01:00
Nanne Baars
0bec575913 Moving forward cleaning up some unnecessary lesson super classes which we 
do not need to support anymore in 8.0:

- Introduced DI thoughout the code base
- Removed most superclasses of a lesson
- Hammerhead is now simplified to only one line of code
- Cleaned up WebSession
- Removed code which dealt with user roles, lesson fetching, username etc
- LessonTracker improvements
- Removed almost all code from the Screen class
- Removed ECS from the container project
- Removed adminstration pages, contained a lot of ECS codes which is much
  simpler to just rewrite when necessary
 2016-11-06 21:09:47 +01:00
Nanne Baars
e86d5b6820 Fixing Travis build - removing Sauce test cases as it will be much easier to create testcases and the UI is created based on asciidoc templates. 2016-10-30 15:41:45 +01:00
Nanne Baars
89a717bbd2 Clean up and introduced Spring Dev tools to automatically reload classes. 2016-10-30 15:13:32 +01:00
Doug Morato
9abb4e56b9 Updated SauceLabs Integration Tests browser versions 2016-10-12 15:12:59 -04:00
Nanne Baars
1033df4d15 Added Vagrant for users and developers 2016-09-23 20:45:46 +02:00
Nanne Baars
5d69467c6f Added testcase for RoleBasedAccessControl 2016-09-22 17:46:13 +02:00
Nanne Baars
a0f1bc16ce Removed Edge browser from integration testing 2016-09-22 07:47:31 +02:00
Nanne Baars
bc0fb38b4d Removed logging while running testcases 2016-09-19 23:56:50 +02:00
Nanne Baars
c7a03abdc3 Fixing the functional testcases together with Travis CI which stopped due to excessive logging from the Tomcat 7 Maven plugin 2016-09-19 23:42:21 +02:00
Nanne Baars
0687b088b6 Fixing the functional testcases together with Travis CI which stopped due to excessive logging from the Tomcat 7 Maven plugin 2016-09-19 23:08:44 +02:00
Nanne Baars
6919b15013 Fix failing testcases 2016-09-17 22:37:20 +02:00
Nanne Baars
e084816b8b Fixing failing testcase and enabling all browsers again 2016-09-17 21:43:10 +02:00
Nanne Baars
131413e11b Fixed testcase failed open authentication scheme 2016-09-17 21:37:11 +02:00
Nanne Baars
7ee7e9e683 Added testcase for JavaScript validation 2016-09-17 21:08:50 +02:00
Nanne Baars
9b634a47c6 Added testcase for client side validation 2016-09-17 14:56:29 +02:00
Nanne Baars
a1375b6718 Fixed failing testcase 2016-09-15 23:17:05 +02:00
Nanne Baars
5e797db3ec Fixing compile error 2016-09-15 23:02:25 +02:00
Ruben van Vreeland
db5e418cbf Indicate exception thrown 2016-09-14 22:00:35 +02:00
Ruben van Vreeland
fd010782eb Fix missing .class 2016-09-14 21:42:36 +02:00
Ruben van Vreeland
22688622fd Code cleanup using @Test(expected = Exception) 
Code edited in the browser, please run tests ;)
 2016-09-14 21:35:52 +02:00
Nanne Baars
2027a0ae7d Added testcases for lesson plan / solutions for lesson with stages. 2016-09-12 21:54:05 +02:00
Nanne Baars
8e9bebacd7 - Added more testcases since now we have static IDs for the lessons. 
- Changed the RestartLessonService because returning the text/html triggered the browser to show a popup which made the Selenium tests fail.
 2016-09-11 20:51:38 +02:00
Jason White
f57d076fab turning off test in the interim 2016-07-05 08:24:28 -04:00
Nanne Baars
ecc8cb391b First attempt to remove JSP and move to Thymeleaf and update to Spring Boot. The Thymeleaf templates can be loaded as snippets which makes it more easy to move away from ECS and create normal HTML pages for a lesson. 2016-04-09 14:06:03 +02:00
Daniel Kvist
0401779f58 Fix broken test 2016-03-31 23:06:16 +02:00
Daniel Kvist
e6fb74fa55 Implementation of developer controls to reload plugins and set label debugging from the GUI. Ref: webgoat/webgoat#93 2016-03-30 22:07:11 +02:00
Jason White
b3541231bc #165 provide default and ability to override in lesson 2016-01-14 09:01:47 -05:00
Ilguiz Latypov
de71f2700e Let user-composed (CSRF) attacks send one-request actions, as opposed to the address bar MVC links requesting lessons. The lesson display servlets have javascript that requests data and actions. 2015-11-07 05:43:31 -05:00
Doug Morato
214d52685f Merge fixes from Nanne 
# By Nanne Baars
# Via Nanne Baars
* 'master' of git://github.com/nbaars/WebGoat:
  Fixed loading plugins: sometimes failed file was not correctly extracted

# Conflicts:
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginExtractor.java
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginFileUtils.java
#	webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java
 2015-09-17 22:45:14 -04:00
Nanne Baars
9474f66d96 Fixed loading plugins: sometimes failed file was not correctly extracted 2015-09-17 07:29:51 +02:00
Doug Morato
a8ce11ee14 Initial work on adding more browsers to SauceLabs testing 2015-09-16 21:11:54 -04:00
Nanne Baars
f31150ffdf Property files are now detected while extracting the plugin 2015-09-15 18:27:11 +02:00
Nanne Baars
e81cbd34ca Http Basics lessons fails to load #53 2015-08-27 08:44:25 +02:00
Doug Morato
62db0bfdef Adding basic Integration Tests with Sauce Labs integration 2015-08-24 19:24:22 -04:00
Doug Morato
2212bd0805 Initial push of testing work 2015-08-24 19:24:21 -04:00
Nanne Baars
69350a6e0c Fixed not serializable error when stopping/starting Tomcat 2015-08-22 10:40:42 +02:00
Nanne Baars
42f373d66a Moved Maven multiproject setup 2015-08-11 21:57:12 +02:00