dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,185 Commits 11 Branches 78 Tags
Commit Graph

2185 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
René Zubcevic
73553d91d3
Merge pull request #639 from jskiba99/patch-2 
Update CrossSiteScripting_content9.adoc
 2019-08-22 11:14:38 +02:00
Nanne Baars
6d36e7db74 Added new endpoint for POST so it will give feedback to the UI. It now 
ended up in a HTTP/405 which does not give any feedback to the UI
 2019-08-17 13:52:59 +02:00
Nanne Baars
e01c2a35ce Add test case for security question assignment and the tracking is now 
done with a session scoped bean
 2019-08-06 19:04:07 +02:00
Jacob Skiba
7d9f24c86b
Update CrossSiteScripting_content9.adoc 
Fix broken resource link
 2019-08-06 05:26:05 -04:00
Nanne Baars
18eee4df58 Fix for issue with timestamp not being parsed when sending to WebWolf 
timestamp was already fixed at LocalDateTime.now() however WebGoat still
send the timestamp along, removed it
 2019-07-28 20:50:19 +02:00
Nanne Baars
e61c943f97 #601 bug: username is case sensitive, but email in general is not 
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
 2019-07-28 20:48:20 +02:00
René Zubcevic
d2e23f6b8e reduce logging 2019-07-25 20:17:52 +02:00
René Zubcevic
ffbc808e26 Integration test support 2019-07-25 20:17:52 +02:00
René Zubcevic
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes 
increased sql form fields and fixed chrome progress
 2019-07-25 08:39:34 +02:00
Nanne Baars
33c73a7dca Adding new developer 2019-07-24 20:37:32 +02:00
Nanne Baars
216b29fca2 Clean up in pom files 2019-07-24 20:37:32 +02:00
misfir3
ee0988effe
Merge pull request #627 from WebGoat/gh-jwhite-patch-1 
Delete do-not-merge.md
 2019-07-23 14:19:26 -06:00
gh-jwhite
67440a6cc8
Delete do-not-merge.md 
removing earlier test file
 2019-07-23 14:18:51 -06:00
gh-jwhite
6c8921a951
Merge pull request #625 from WebGoat/another-ci-fail-test 
Create do-not-merge.md
 2019-07-23 11:41:35 -06:00
gh-jwhite
b395be9bd0
Create do-not-merge.md 
testing a status check/branch protection thing
 2019-07-23 10:38:25 -06:00
Rene Zubcevic
7ad3996f2f fix 6a6b page 2019-07-22 15:36:31 +02:00
Rene Zubcevic
b65644edee progress fix for SqlInjectionMitigations 2019-07-22 12:16:18 +02:00
Rene Zubcevic
ea38973068 UTF-8 config added for ThymeLeaf 2019-07-22 08:21:34 +02:00
René Zubcevic
7d0a63ac95 small html changes to improve progress 2019-07-20 09:34:27 +02:00
René Zubcevic
f9e78739f3 reverted mandatory file encoding which will make it worse on windows 2019-07-20 09:13:21 +02:00
Rene Zubcevic
656fa40182 style sheet and advanced sql 2019-07-19 16:49:30 +02:00
Rene Zubcevic
99435a1073 increased sql form fields and fixed chrome progress 2019-07-19 12:16:06 +02:00
Johannes Egger
9471e53818 Fix image names for google chrome dev tools lesson 2019-07-14 12:40:05 +02:00
Johannes Egger
d814522223 Fix test for HTTP proxy lesson 2019-07-14 12:39:07 +02:00
Johannes Egger
2eaf263e81 Improve task description for HTTP proxy lesson 2019-07-14 12:39:07 +02:00
Rene Zubcevic
41f252970b corrected path in pom 2019-07-14 12:38:11 +02:00
Rene Zubcevic
63a1097466 owasp categories 2019-07-14 12:38:11 +02:00
Sylvain Juge
bc0d803123 add login&pwd in JDBC url for PostgreSQL 
I really don't know why exactly spring parameters are not used here,
probably for schema creation step. Until changing what the application does on startup
this will make it 'just work' without extra changes.
 2019-07-14 12:29:51 +02:00
Rene Zubcevic
12de48ebbb additional environment entries to support https on webgoat 2019-07-14 12:18:07 +02:00
misfir3
62fbd6d340
Merge pull request #610 from johannesegger/patch-1 
Fix typo in CIA lesson
 2019-07-12 17:21:46 -06:00
misfir3
e36b4c3910
Merge pull request #618 from matthias-g/csrf-3-post 
Do not allow trivial solution to CSRF-3
 2019-07-12 17:16:23 -06:00
Matthias Grundmann
97f66545e0
In CSRF-3 use POST instead of GET to prevent solving the assignment just by opening the URL in a new tab 2019-07-12 17:25:58 +02:00
Nanne Baars
27125acd22 Fix issue with maven wrapper using TLS 1.2 as it no longer is supported 2019-07-09 20:19:54 +02:00
Nanne Baars
1aa98be908 Fix issue with maven wrapper using TLS 1.2 as it no longer is supported 2019-07-09 20:18:54 +02:00
Sylvain Juge
cb667094f2 update jar plugin version 2019-07-09 19:11:52 +02:00
Johannes Egger
703b6c676e
Fix typo 2019-06-14 15:09:55 +02:00
Nanne Baars
00deb66ad9 Small update for password reset lesson 2019-05-09 09:17:11 +02:00
Nanne Baars
2a5e8dfdac Add missing step necessary to finish the release 2019-05-03 11:20:53 +02:00
Nanne Baars
98537426f2 SNAPSHOT version 2019-05-03 11:15:11 +02:00
Nanne Baars
529e8d73e1 Merge tag 'v8.0.0.M25' into develop 
New release
 2019-05-03 09:57:22 +02:00
Nanne Baars
d8d32c60cb Merge branch 'release/v8.0.0.M25' v8.0.0.M25 2019-05-03 09:57:12 +02:00
Nanne Baars
9b0c4e62c2 New release, updating pom.xml 2019-05-03 09:50:01 +02:00
Tobias-Melzer
aa2eac0cd8 fixed test 2019-04-21 14:14:23 +02:00
René Zubcevic
8fdfbbd3fb changed order of attack forms in order to get the green completed 2019-04-21 14:12:26 +02:00
Rene Zubcevic
80b8326766 link corrected to avoid 404 2019-04-21 14:11:45 +02:00
ThomasBlt
a4da1a76e8 Add link to landing pages 2019-04-21 14:10:37 +02:00
Rene Zubcevic
e57c9d05b6 added checkbox and corrected fall back for the other labels 2019-04-21 14:10:01 +02:00
Rene Zubcevic
2b2e267594 hide password for testing with your actual password in front of colleagues 2019-04-21 14:10:01 +02:00
Rene Zubcevic
4bafc19883 fixed classcast exception on randValue 2019-04-21 13:59:26 +02:00
Rene Zubcevic
48d926491f removed possible NullpointerException and System.out 2019-04-21 13:59:26 +02:00