dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,312 Commits 11 Branches 78 Tags
Commit Graph

94 Commits

Author SHA1 Message Date
Nanne Baars
6b7678fb1d Remove old files 2020-03-10 08:03:48 +01:00
René Zubcevic
a8118a14cd add support for status 403 feedback from e.g. ModSecurity/CRS 2020-02-28 23:06:42 +01:00
Nanne Baars
edd6b7d7cf Reset lesson bug (#741) 
* Remove old code from UI

* Remove old code

* Remove old functions

* Remove unnecessary divs

* Remove logging to console

* Clear lesson messages (checkmark, output text etc) when lesson resets
 2020-01-05 20:22:50 +01:00
Matthias Grundmann
bae3e75ae2 Fix minor issues in hint view 2018-06-12 11:02:16 +02:00
Matthias Grundmann
89f6a73275
Fix next page button when url doesn't end with page number 2018-06-07 19:07:58 +02:00
Nanne Baars
dda6f674a3 Last assignment for JWT tokens finished 2018-05-23 14:28:19 +02:00
Jason
a73bf58d36 more hintview patching 2018-05-23 13:35:51 +02:00
Jason
91d9db5f80 work-arounds, fixes for page initialization and some clean-up 2018-05-23 13:35:51 +02:00
pjhggns
6a5ca43e7e Strip out slash-escaped JSON sequence received in client. 
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
 2018-05-02 22:21:22 +02:00
miig
9aa674e326 stringfy object so it's visible in the console 2018-05-02 22:04:25 +02:00
Nanne Baars
e422da4c64 Polling for lesson updates (updates the menu and page navigation) 2018-04-27 18:50:13 +02:00
nbaars
05d8b590f3 Merge tag '8.0.0' into develop 
Release 8.0.0
 2017-12-30 16:52:24 +01:00
Nanne Baars
157b982394 successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function. 2017-11-17 07:06:56 +01:00
Jason
24cf806787 more hints/helps cleanup 2017-10-25 18:05:08 -06:00
Jason
c6f1c5cd2a #351 - using listenToOnce to get rid of redundant calls 2017-10-25 17:11:54 -06:00
Nanne Baars
46c536554c - Added new challenges 
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
 2017-09-12 23:12:10 +02:00
Jason White
0cb4faf15f refactor to support cleaner scoping && success and failure callbacks 2017-07-18 17:39:58 -04:00
Jason White
fb65534355 Merging from 'injection-updates' into local develop branch 2017-07-03 15:22:02 -04:00
Jason White
2e4e4ea716 including restart lesson fix for lesson overview 2017-07-03 12:37:15 -04:00
Jason White
daaf361dd2 Lesson Overview updates 2017-07-03 12:14:01 -04:00
Jason White
89e2fc109c Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR 2017-06-27 10:24:38 -04:00
Jason White
dd18e68660 merge of upstream, conflict resolution 2017-06-27 08:30:58 -04:00
Nanne Baars
52a48df70c XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions. 
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
 2017-06-12 15:08:55 +02:00
Jason White
feead6b740 initial cut on XSS, need to add some tests still 2017-05-18 14:41:14 -04:00
Jason White
08e7916b39 polling updates, including banner for appseceu 2017-05-10 16:15:38 +01:00
Jason White
c7c664ad4a polling for scoreboard added (appseceu) 2017-05-10 15:28:07 +01:00
Jason White
118079233d hints view fix. still a redundant call issue, but logging separately 2017-05-10 13:08:27 +01:00
Nanne Baars
194a327ad5 Fixed issue when restarting the lesson the menu was not updated (the marker stayed behind) 
Also restarting the lesson was not persisted
 2017-05-03 05:08:00 +02:00
Jason White
480dfe6a0a scoreboard v 0.1 we'll say 2017-05-05 13:12:01 -04:00
Jason White
aeaa3cd1a2 removing template cruft from other lesson 2017-05-05 09:59:59 -04:00
Jason White
b840b0f3b5 additional support for scoreboard view 2017-05-02 22:24:31 -04:00
Jason White
4a2701c79b clean up 2017-05-02 22:24:31 -04:00
Jason White
e0f23bfa38 initial removal (comment) of plan,solution and source views. Should remove some chattiness 2017-05-02 22:24:31 -04:00
Jason White
b0f66f16fb initial plumb of scoreboard 2017-05-02 22:24:31 -04:00
Nanne Baars
4e3ca68d08 Stop showing old lesson overview after finishing a lesson 2017-04-15 11:37:44 +02:00
Nanne Baars
e570f4bde2 Fixed pagination not initializing correctly when clicking on menu items 2017-04-15 11:37:44 +02:00
Jason White
9bc219e931 numbering on pagination 2017-04-15 11:37:43 +02:00
Jason White
e3d281a5f6 refactor of pagination controls 2017-04-15 11:37:43 +02:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
Jason White
af8f8c27a6 moving controls to top of content 2017-02-16 14:56:08 -05:00
mayhew64
a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-07 16:06:45 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
4664669ff2 cleaning up, fixing selected lesson class/es 2017-02-07 18:13:27 +01:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322) 
merging
 2017-01-31 11:52:33 -05:00
Jason White
74dd74d4cc formatting update 2017-01-27 15:40:57 -05:00
Jason White
f3884fe605 #318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace 2017-01-27 15:31:23 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Jason White
f8b39d7d8c #303 Clear current form on successful submission 2017-01-10 15:23:43 -05:00