7b8523dcab 
					 
					
						
						
							
							#839 : fix the SQL statement as this one does not express that the orderBy clause input is user input  
						
						
						
						
					 
					
						2020-11-04 20:35:05 +01:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						dac011db78 
					 
					
						
						
							
							fix failing test (order)  
						
						
						
						
					 
					
						2020-10-21 08:05:53 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						41879c4603 
					 
					
						
						
							
							Blind XXE lesson blocks including the file in the comment directly  
						
						
						
						
					 
					
						2020-10-20 22:09:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						641d75e734 
					 
					
						
						
							
							Link to the original lesson for the goal  
						
						
						
						
					 
					
						2020-10-20 22:09:49 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e4ec90db8a 
					 
					
						
						
							
							chore: update CIA grammar and content  
						
						... 
						
						
						
						- misc. grammatical edits
  - add a few more examples 
						
						
					 
					
						2020-10-15 08:39:28 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d5f78351a2 
					 
					
						
						
							
							lesson pages updated based on comments for  #834  and  #836  ( #864 )  
						
						
						
						
					 
					
						2020-08-23 15:36:01 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ef6993c636 
					 
					
						
						
							
							improving lesson due to issue  #845  
						
						
						
						
					 
					
						2020-07-09 19:21:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2d2dc22e19 
					 
					
						
						
							
							first step  
						
						
						
						
					 
					
						2020-07-09 19:21:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						db9e1c4c4f 
					 
					
						
						
							
							first step  
						
						
						
						
					 
					
						2020-07-09 19:21:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						317573c897 
					 
					
						
						
							
							Small fixes june 2020 ( #857 )  
						
						... 
						
						
						
						* issue 849
* another integration test for a challenge
* fixing issue 848
* updated link for issue 833
* fix for 847 
						
						
					 
					
						2020-07-08 19:26:09 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ba8444dd85 
					 
					
						
						
							
							Update 1proxysetupsteps.adoc ( #854 )  
						
						... 
						
						
						
						thanks for the fix 
						
						
					 
					
						2020-07-04 08:00:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						219aad0bbc 
					 
					
						
						
							
							Correcting incorrect information ( #835 )  
						
						... 
						
						
						
						Thanks for the improvement. Hope you liked the lesson. 
						
						
					 
					
						2020-06-19 17:00:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						1cbaade9ab 
					 
					
						
						
							
							adjustments for arbitrary user support (openshift guideline) ( #830 )  
						
						... 
						
						
						
						* adjustments for arbitrary user support (openshift guideline)
* do not create up front .webgoat 
						
						
					 
					
						2020-06-08 07:30:55 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						98d17433f1 
					 
					
						
						
							
							HTML Tampering mitigation: Typo fixes  
						
						
						
						
					 
					
						2020-05-25 09:09:26 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						11a7814626 
					 
					
						
						
							
							Dinis Cruz Blog  
						
						... 
						
						
						
						This was discussed in ticket https://github.com/WebGoat/WebGoat/issues/724  however the Dinis Cruz Blog remains available through a blogspot.com URL which might be more interesting to reference than an web.archive.org link. 
						
						
					 
					
						2020-05-25 09:08:55 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5311db8564 
					 
					
						
						
							
							XSS Quiz: Fix 404  
						
						... 
						
						
						
						The original URL was malformed because it contained a closing ) which did not end up in the link. However the corrected link performs a redirect to the link provided in this patch. 
						
						
					 
					
						2020-05-25 09:08:09 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ae156a4a0f 
					 
					
						
						
							
							Function AC User: Spelling and grammar fixes.  
						
						
						
						
					 
					
						2020-05-25 09:07:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9576c6b9da 
					 
					
						
						
							
							Function AC Lesson 1: Spelling and grammar fixes.  
						
						
						
						
					 
					
						2020-05-25 09:07:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6c83457231 
					 
					
						
						
							
							Function ac intro: Spelling and grammar update  
						
						
						
						
					 
					
						2020-05-25 09:07:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						060851a4a2 
					 
					
						
						
							
							IDOR_intro.adoc: Fix 404  
						
						... 
						
						
						
						The closing ')' in the URL was not taken up in the link causing a 404 when clicking the URL. 
						
						
					 
					
						2020-05-24 09:57:29 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						671691a5ed 
					 
					
						
						
							
							XXE_changing_content_type.adoc: Typo fixes  
						
						
						
						
					 
					
						2020-05-24 09:56:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f326755190 
					 
					
						
						
							
							XXE_intro.adoc: Typo fixes  
						
						
						
						
					 
					
						2020-05-24 09:56:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						99edda6029 
					 
					
						
						
							
							XXE_plan.adoc: Typo fixes  
						
						
						
						
					 
					
						2020-05-24 09:56:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						717f852680 
					 
					
						
						
							
							InsecureLogin_intro.adoc: Typo fix  
						
						
						
						
					 
					
						2020-05-24 09:56:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c42d6b15c3 
					 
					
						
						
							
							SecurePasswordsAssignment: Fix output formatting  
						
						... 
						
						
						
						- When solving the solution (entering a correct password) then the 'Score: 4/4' does not start on a new line, instead it is glue to the Estimated cracking time line. As a solution the </br> is added as a suffix on that line (and successive lines).
- Maximum score is 4, not 5 (see also the assignment, and https://github.com/nulab/zxcvbn4j/blob/master/src/main/java/com/nulabinc/zxcvbn/TimeEstimates.java#L23  which is the origin of getScore() ) 
						
						
					 
					
						2020-05-24 09:56:01 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						dfa3242aeb 
					 
					
						
						
							
							Delete unused PasswordReset_password_reset_link.adoc  
						
						... 
						
						
						
						Not referenced in webgoat-lessons/password-reset/src/main/resources/html/PasswordReset.html, looks like a placeholder/dead code. 
						
						
					 
					
						2020-05-24 09:39:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						23762885fa 
					 
					
						
						
							
							PasswordReset_host_header.adoc: Typo fixes  
						
						
						
						
					 
					
						2020-05-24 09:39:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						60087e441d 
					 
					
						
						
							
							PasswordReset_SecurityQuestions.adoc: Typo fix.  
						
						
						
						
					 
					
						2020-05-24 09:39:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2e8d0dd9b5 
					 
					
						
						
							
							PasswordReset_plan.adoc: Spelling fixes  
						
						
						
						
					 
					
						2020-05-24 09:38:25 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						966d7a7aed 
					 
					
						
						
							
							JWT_refresh.adoc: Fix spelling issues  
						
						
						
						
					 
					
						2020-05-24 09:37:47 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						851fd9ae03 
					 
					
						
						
							
							Only push to 1 Docker repo  
						
						
						
						
					 
					
						2020-05-23 17:01:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						637d393889 
					 
					
						
						
							
							Update README.MD  
						
						
						
						
					 
					
						2020-05-23 16:40:54 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2dad97bdcb 
					 
					
						
						
							
							Docker command without -d option to show output int console  
						
						
						
						
					 
					
						2020-05-23 16:39:37 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						90ea59cfca 
					 
					
						
						
							
							Remove Github pages, too many things to keep in sync.  
						
						... 
						
						
						
						Let's keep the focus on the OWASP page and the Github README 
						
						
					 
					
						2020-05-23 16:30:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c695614fac 
					 
					
						
						
							
							Fix Docker link  
						
						
						
						
					 
					
						2020-05-23 16:30:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						304312018b 
					 
					
						
						
							
							Update README.MD  
						
						
						
						
					 
					
						2020-05-23 16:22:23 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3a2bfc9c24 
					 
					
						
						
							
							Cleanup readme  
						
						
						
						
					 
					
						2020-05-23 16:19:22 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						3d0f879c12 
					 
					
						
						
							
							Remove dep status  
						
						
						
						
					 
					
						2020-05-23 16:17:16 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						61720b29ea 
					 
					
						
						
							
							Fix Travis script  
						
						
						
						
					 
					
						2020-05-23 13:40:28 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						75700597e6 
					 
					
						
						
							
							Merge branch 'release/v8.1.0' into develop  
						
						
						
						
					 
					
						2020-05-22 15:09:11 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						39740e069e 
					 
					
						
						
							
							New release  
						
						
						
						
					 
					
						2020-05-22 14:10:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						5739705d8a 
					 
					
						
						
							
							Process review comments  
						
						
						
						
					 
					
						2020-05-22 10:10:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9b72610510 
					 
					
						
						
							
							Extend XXE lesson with more content and add solution description  
						
						... 
						
						
						
						Remove obsolete images
Add stylesheet items specific for asciidoctor so we can for icons and source numbering 
						
						
					 
					
						2020-05-22 10:10:42 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c4a046bd12 
					 
					
						
						
							
							Ch1 less default ( #814 )  
						
						... 
						
						
						
						* random pincode in challenge1
* unit test fix 
						
						
					 
					
						2020-05-12 08:49:48 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f520c3589c 
					 
					
						
						
							
							flag submission fixed ( #812 )  
						
						
						
						
					 
					
						2020-05-07 11:04:00 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						832d6432fc 
					 
					
						
						
							
							fix for JWT green button and WebWolf intro green button and added jwt int tests ( #808 )  
						
						
						
						
					 
					
						2020-05-07 08:28:45 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f4838e1233 
					 
					
						
						
							
							add int test for acl  
						
						
						
						
					 
					
						2020-05-01 09:15:29 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						70771ee854 
					 
					
						
						
							
							added a webwolf template error page with some explanation and updated 2017 to 2020  
						
						
						
						
					 
					
						2020-04-30 10:21:53 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9dea696c4c 
					 
					
						
						
							
							added int test for IDOR and fixed green button issue ( #801 )  
						
						
						
						
					 
					
						2020-04-29 12:12:11 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2398949396 
					 
					
						
						
							
							added ace js for java  
						
						
						
						
					 
					
						2020-04-28 09:33:54 +02:00