74 Commits

Author SHA1 Message Date
Jason White
89e2fc109c Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR 2017-06-27 10:24:38 -04:00
Jason White
dd18e68660 merge of upstream, conflict resolution 2017-06-27 08:30:58 -04:00
Nanne Baars
52a48df70c XXE successfully completed message was no longer shown, fixed it by using form POST together with customjs functions.
Introduced callback functionality which you can specify after the posting in order to be able to load the comments list again.
2017-06-12 15:08:55 +02:00
Jason White
feead6b740 initial cut on XSS, need to add some tests still 2017-05-18 14:41:14 -04:00
Jason White
08e7916b39 polling updates, including banner for appseceu 2017-05-10 16:15:38 +01:00
Jason White
c7c664ad4a polling for scoreboard added (appseceu) 2017-05-10 15:28:07 +01:00
Jason White
118079233d hints view fix. still a redundant call issue, but logging separately 2017-05-10 13:08:27 +01:00
Nanne Baars
194a327ad5 Fixed issue when restarting the lesson the menu was not updated (the marker stayed behind)
Also restarting the lesson was not persisted
2017-05-03 05:08:00 +02:00
Jason White
480dfe6a0a scoreboard v 0.1 we'll say 2017-05-05 13:12:01 -04:00
Jason White
aeaa3cd1a2 removing template cruft from other lesson 2017-05-05 09:59:59 -04:00
Jason White
b840b0f3b5 additional support for scoreboard view 2017-05-02 22:24:31 -04:00
Jason White
4a2701c79b clean up 2017-05-02 22:24:31 -04:00
Jason White
e0f23bfa38 initial removal (comment) of plan,solution and source views. Should remove some chattiness 2017-05-02 22:24:31 -04:00
Jason White
b0f66f16fb initial plumb of scoreboard 2017-05-02 22:24:31 -04:00
Nanne Baars
4e3ca68d08 Stop showing old lesson overview after finishing a lesson 2017-04-15 11:37:44 +02:00
Nanne Baars
e570f4bde2 Fixed pagination not initializing correctly when clicking on menu items 2017-04-15 11:37:44 +02:00
Jason White
9bc219e931 numbering on pagination 2017-04-15 11:37:43 +02:00
Jason White
e3d281a5f6 refactor of pagination controls 2017-04-15 11:37:43 +02:00
Nanne Baars
259fd19c1b - Introduced user registration
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplified loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
2017-03-22 11:35:14 +01:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
Jason White
af8f8c27a6 moving controls to top of content 2017-02-16 14:56:08 -05:00
mayhew64
a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-07 16:06:45 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
4664669ff2 cleaning up, fixing selected lesson class/es 2017-02-07 18:13:27 +01:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322)
merging
2017-01-31 11:52:33 -05:00
Jason White
74dd74d4cc formatting update 2017-01-27 15:40:57 -05:00
Jason White
f3884fe605 #318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace 2017-01-27 15:31:23 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Includes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314)
Squashing and merging ...

* Each assignment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
2017-01-24 09:34:06 -05:00
Jason White
f8b39d7d8c #303 Clear current form on successful submission 2017-01-10 15:23:43 -05:00
Jason White
3274ff7a93 properly scoping data submission in onFormSubmit 2017-01-10 15:23:43 -05:00
misfir3
ad3599f6af Merge pull request #306 from zupzup/issue_302_double_calls_on_submit
Issue #302: Fix redundant calls to lessonoverview.mvc and lessonmenu.…
2017-01-09 15:00:55 -05:00
Jason White
2688c8ee77 removing debug statement 2017-01-09 14:04:48 -05:00
Mario Zupan
40f1d58796 Issue #302: Fix redundant calls to lessonoverview.mvc and lessonmenu.mvc on submission 2017-01-07 15:46:19 +01:00
Nanne Baars
dcab7d8abd Lesson overview simplification moving template to separate file. 2017-01-01 21:06:00 +01:00
Nanne Baars
e2cb9ceae0 #277 Re-institute admin functionality for WebGoat 8
- Report card functionality is back
2016-12-31 18:27:20 +01:00
Nanne Baars
9c03b6f63b #276 Automatic lesson summary page
- Basic overview of all the assignments needed to be solved in a lesson
 - Clicking on a link will jump to the correct page with the assignment
 - Lesson completed also updates lesson overview immediately
2016-12-28 10:14:34 +01:00
Jason White
35055eeb3c #296 updates href according to page nav 2016-12-22 15:08:33 -05:00
Mario Zupan
feb38eef8c Issue #160: Provide Async Error Handling
Added Toast notification for unexpected errors
    On 401 and 403 Errors, user is redirected to login
2016-12-02 13:37:25 +01:00
Jason White
e183c8d8b3 implementing support for dom xss 2016-11-23 17:25:47 -05:00
Jason White
0aa9c29256 adding direct to page navigation route 2016-11-23 09:32:06 -05:00
Jason White
7d28e9c1b8 bring jquery into custom namespace ... simple hack for now 2016-11-21 13:18:38 -05:00
Jason White
5c800f6f2b cleaning up some 2016-11-17 08:35:35 -05:00
Jason White
d11635f9da lesson pagination fixes mainly, some other fixes included & clean up 2016-11-17 08:06:06 -05:00
Jason White
02bd7e1299 double-feedback fix on single page 2016-11-16 18:03:46 -05:00
Jason White
11224bc02d commenting out to stop redundant callbacks 2016-11-16 18:03:46 -05:00
misfir3
ec2fc5a77c Fixing hide/show of next/prev buttons 2016-11-15 21:01:16 -05:00
Nanne Baars
2728158f14 #271 Reset lesson does not work anymore 2016-11-15 10:26:09 +01:00
Nanne Baars
5babe19f2b Fixed issue with lesson tracking 2016-11-15 09:28:39 +01:00
Nanne Baars
0bec575913 Moving forward cleaning up some unnecessary lesson super classes which we
do not need to support anymore in 8.0:

- Introduced DI throughout the code base
- Removed most superclasses of a lesson
- Hammerhead is now simplified to only one line of code
- Cleaned up WebSession
- Removed code which dealt with user roles, lesson fetching, username etc
- LessonTracker improvements
- Removed almost all code from the Screen class
- Removed ECS from the container project
- Removed administration pages, contained a lot of ECS codes which is much
  simpler to just rewrite when necessary
2016-11-06 21:09:47 +01:00