dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,596 Commits 11 Branches 78 Tags
6f633a0f78e0b5bf25dd63300869419591a70d9c
Commit Graph

156 Commits

Author SHA1 Message Date
Ruslan Boyarsky
daa05dd192 Seems locale should not depend of request's Accept-Language header. 
Signed-off-by: Nanne Baars <nbaars@xebia.com>
 2016-02-12 23:42:21 +01:00
mayhew64
dbb75980c9 Merge pull request #197 from span/htmlencoder 
Fixes #195 by adding static initialisation of the maps
 2016-02-12 13:02:41 -05:00
Daniel Kvist
77c4a04d3d Fixes #195 by adding static initialisation of the maps rather then using the constructor 2016-02-04 23:27:31 +01:00
Daniel Kvist
59549e3b21 Add stage parameter in the session to keep track of current stage so that we do not reset the stage and recreate the database in the middle of a lesson. To do this a small refactor of WebSession was made which simply extracts some methods from the previously large update method. Ref #176. 2016-02-04 23:21:12 +01:00
Doug Morato
6320c2d22d Fixining all the javadoc issues preventing the release 
In order to perfom a Sonatype OSS release, all the javadocs must pe corretly and completely parsed in order to pass the release requirement.
This comment is only adding "comments' pertaining to javadoc. NO CODE HAS BEEN CHANGED

Signed-off-by: Doug Morato <dm@corp.io>
 2016-01-31 23:14:50 -05:00
Jason White
76fa797857 #167 removing refrences to github.io in code 2016-01-18 06:42:05 -05:00
Jason White
07f0cea0a0 #165 cleaning up interim code 2016-01-14 09:03:43 -05:00
Jason White
b3541231bc #165 provide default and ability to override in lesson 2016-01-14 09:01:47 -05:00
Nanne Baars
e1be080eea Forced browsing lesson does not show success #143 2016-01-06 18:47:59 +02:00
Nanne Baars
23a1f9e38e Removed obsolete classes 2015-12-08 22:58:33 +01:00
Nanne Baars
5dfd1c44e9 Moving lesson utilities to common project instead of AbstractLesson 2015-12-03 22:52:11 +01:00
Ilguiz Latypov
de71f2700e Let user-composed (CSRF) attacks send one-request actions, as opposed to the address bar MVC links requesting lessons. The lesson display servlets have javascript that requests data and actions. 2015-11-07 05:43:31 -05:00
Doug Morato
4a43a5572e Unregister JDBC drivers, Fixes #134 
Upon calling the maven tomcat7:shutdown goal, a severe error message was thrown because of not unloading the JDBC drivers.

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 18:23:27 -04:00
Nanne Baars
789a57e792 SEVERE: The web application [/WebGoat] appears to have started a thread named [pool-7-thread-5] but has failed to stop it. This is very likely to create a memory leak #124 2015-10-26 21:38:30 +01:00
Nanne Baars
94ae466dbd Cannot serialize session attribute #123 2015-10-26 07:52:26 +01:00
Jason White
45db051f30 removing redundant line, adding hasPlan to special challenge case handling 2015-10-24 11:45:49 -05:00
Jason White
d52dfe87c4 Merge remote-tracking branch 'upstream/master' 2015-10-24 09:12:02 -05:00
Nanne Baars
060b0cd8fa Logging in sometimes goes to report card and misses category-menu #114 2015-10-23 06:54:14 +02:00
Jason White
648bd3bb95 code cleanup 2015-10-22 16:55:18 -05:00
Nanne Baars
e1829e209c Implemented lesson information which gives a mapping between the menu and the actual WebGoat-Lessons project. 2015-10-04 11:56:12 +02:00
Nanne Baars
a6a1b32939 Removed credits from lessons 2015-10-03 18:21:54 +02:00
Nanne Baars
487bc71df1 Moved the logic to the plugin loader which makes the context listener obsolete 2015-09-30 23:08:10 +02:00
Nanne Baars
6a00d66f8b Plugins are now reloaded 2015-09-29 21:41:36 +02:00
Nanne Baars
33d251a147 Fixed goathills lesson with JSP now load correctly again(2) 2015-09-29 20:39:09 +02:00
Nanne Baars
d4450da5d7 Fixed goathills lesson with JSP now load correctly again 2015-09-28 23:27:58 +02:00
Nanne Baars
c0d727d1f2 Merge remote-tracking branch 'upstream/master' 2015-09-24 10:09:38 +02:00
Nanne Baars
86e4fd1c85 i8n highlighting #96 2015-09-24 10:09:07 +02:00
mayhew64
77f3c5135f Merge pull request #101 from misfir3/master 
#97, updating controls for hints, source, solution and plans on lessons
 2015-09-23 10:00:12 -04:00
Jason White
1bd6a9e0e7 #97, updating controls for hints, source, solution and plans on lessons in challenge roles 2015-09-23 09:01:45 -04:00
Nanne Baars
87d196c427 Return indication that plugins have been reloaded 2015-09-22 21:13:41 +02:00
Nanne Baars
6f8befd9a4 Merge remote-tracking branch 'upstream/master' 2015-09-22 20:40:02 +02:00
Nanne Baars
8d2771c108 Adding the ability to reload plugins directly from the interface instead of restarting Tomcat 2015-09-22 20:38:19 +02:00
Jason White
dc57827cfc #97, Hint controls for CHALLENGE Category lessons 2015-09-21 21:24:10 -04:00
Jason White
6e670c4ac5 #23, #24 - LessonInfo Service now used for TitleView and HelpControlsView 2015-09-20 00:09:38 -04:00
Nanne Baars
901eff682f Properties are appended when loading plugins (#29) 2015-09-19 08:07:54 +02:00
mayhew64
5788fe7afe Added a lesson restart for lesson specific restart actions 2015-09-18 15:46:39 -04:00
Doug Morato
6147aebf61 Fixing inconsistent merge issues implementing nbaars fixes 2015-09-18 12:40:05 -04:00
Doug Morato
06abc6e08a Merge pull request #80 from misfir3/master 
#72, defaulting to firstLesson on initial redirect
 2015-09-17 22:53:25 -04:00
Doug Morato
214d52685f Merge fixes from Nanne 
# By Nanne Baars
# Via Nanne Baars
* 'master' of git://github.com/nbaars/WebGoat:
  Fixed loading plugins: sometimes failed file was not correctly extracted

# Conflicts:
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/Plugin.java
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginExtractor.java
#	webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginFileUtils.java
#	webgoat-container/src/main/java/org/owasp/webgoat/util/LabelProvider.java
 2015-09-17 22:45:14 -04:00
Jason White
9613e703f1 #72, defaulting to firstLesson on initial redirect 2015-09-17 22:24:57 -04:00
Nanne Baars
9474f66d96 Fixed loading plugins: sometimes failed file was not correctly extracted 2015-09-17 07:29:51 +02:00
Doug Morato
e8b9b17107 Fix javadoc errors in order to comply with Maven OSS requirements 2015-09-15 22:24:11 -04:00
Nanne Baars
d142407de3 Discover Clues in HTML lesson doesn't work #70 2015-09-15 23:36:24 +02:00
Nanne Baars
f31150ffdf Property files are now detected while extracting the plugin 2015-09-15 18:27:11 +02:00
Nanne Baars
18204c62c6 LessonAdapter did not read the 'New Lesson Instructions.txt' (IOException) 2015-09-05 09:43:03 +02:00
Nanne Baars
112386b43e Lab - DOM-based cross-site scripting: Java Source produces XSS alert #38 2015-09-02 23:22:24 +02:00
Nanne Baars
5ca36502d3 Weird JDK 8 issue about unable to find properties files, applied a fix and added extra logging 2015-09-01 22:52:43 +02:00
Nanne Baars
2f43c16cc1 Clicking on 'LAB: Role Based Access Control' produces 'Invalid Session' in UI #44 2015-08-28 16:24:04 +02:00
Nanne Baars
a44e08cbfd Adjusted LabelProvider to use other loader 2015-08-28 07:55:49 +02:00
Nanne Baars
010404d2e1 Increase performance while extracting the plugins 2015-08-28 07:07:12 +02:00