2a6b3d189e
Disable csrf through property no longer works and we already have it in WebSecurityConfig. Thymeleaf templates caching is set on the resolvers themselves
2019-10-30 08:28:14 +01:00
1f00d461a8
cleaned logs and changed username length for csrf-uuid
2019-10-15 13:59:18 +02:00
8d7142e6d3
upgrade ascii doc with support for link in new tab
2019-10-15 13:55:34 +02:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
663224d06a
xxe path info ( #670 )
...
* xxe path info aid added
* xxe path info aid added
* changes to template file and hints
* added ssl test support for XXE
* added ssl test support for XXE
* restconfig replaced by httpsrelaxed
* processed review comments on hints and example
2019-10-02 09:59:32 +02:00
0319c477b1
XSS lesson completion fixes ( #669 )
...
* XSS lesson completion fixes
* removed log all
* lesson progress capable of deprecated assignments in the database
* fixed unit test for lesson progress
2019-09-29 14:46:18 +02:00
d080b3ef06
Review comment
2019-09-24 07:36:49 +02:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
261f947777
Fix
2019-09-20 17:45:33 +02:00
c8ef848657
Fix
2019-09-20 17:36:15 +02:00
6fe5831f11
FIx?
2019-09-20 16:46:26 +02:00
cf00454f8b
Testing issue
2019-09-20 08:30:07 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
4777dab57a
review comments processed
2019-09-18 17:46:32 +02:00
ec236a4ff5
First steps in XXE integration tests
2019-09-18 14:48:34 +02:00
f774364461
Working unit tests
2019-09-13 20:05:25 +02:00
dceb375d5e
WIP
2019-09-13 18:57:40 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
2283f945a9
Fix failing configuration
2019-08-25 17:53:36 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
f0d1555a09
Fixed #45 - multiple tracker for one user fixed
2019-08-21 23:38:27 +02:00
e61c943f97
#601 bug: username is case sensitive, but email in general is not
...
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
2019-07-28 20:48:20 +02:00
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes
...
increased sql form fields and fixed chrome progress
2019-07-25 08:39:34 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
ea38973068
UTF-8 config added for ThymeLeaf
2019-07-22 08:21:34 +02:00
f9e78739f3
reverted mandatory file encoding which will make it worse on windows
2019-07-20 09:13:21 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
63a1097466
owasp categories
2019-07-14 12:38:11 +02:00
12de48ebbb
additional environment entries to support https on webgoat
2019-07-14 12:18:07 +02:00
e57c9d05b6
added checkbox and corrected fall back for the other labels
2019-04-21 14:10:01 +02:00
27a61f0f70
Reworked and styled quiz
2019-03-26 08:43:38 +01:00
0915bf3d7f
Changed checkboxes to radio buttons, since it is single choice.
...
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
2019-03-26 08:43:38 +01:00
8b61811278
Added doc to quiz js
2019-03-26 08:43:38 +01:00
b02a01d35e
squash
2019-03-26 08:43:38 +01:00
6d974b5fa8
Fixed lesson sorting issue
2019-03-26 08:43:38 +01:00
4cdd649a5a
Added html mode for code editor
2019-03-26 08:43:38 +01:00
3a7601d348
Moved js files to global directory, added id system to question json
2019-03-26 08:43:38 +01:00
1bcddaf710
Reworked and polished assignment 8 and 9 (C and I)
2019-03-26 08:43:38 +01:00
6fe7582dfb
Added an assignment for compromising availability to the sql injections (introduction).
...
WIP
2019-03-26 08:43:38 +01:00
75b1895122
Added a new lessons for sql injections on "Compromising confidentiality with String SQL Injection"
2019-03-26 08:43:38 +01:00
6e36cc1ea4
removed unnecessary interceptors
2019-03-26 08:37:47 +01:00
1c2648e0a9
disable the fallback to the system locale to fix unit test and establish the desired behaviour
2019-03-26 08:37:47 +01:00
ed490a5ecf
Fix for #545
...
Introduced new macro to make a clear distinction between /WebWolf with
context root and without.
2019-01-16 11:07:30 +01:00
a41ff0083c
Merge pull request #479 from misfir3/develop
...
Recent updates, including Missing Function AC content & patch for Vuln Components Lesson
2018-06-13 18:44:09 -06:00
844808bfa7
Merge pull request #485 from matthias-g/fixSQLInjection
...
Fix sql injection
2018-06-13 18:41:05 -06:00
1d2575a211
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
2018-06-13 11:38:33 +02:00
56fc983414
Update database layout so that proposed solution works
2018-06-12 17:40:28 +02:00
bae3e75ae2
Fix minor issues in hint view
2018-06-12 11:02:16 +02:00
