dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,907 Commits 11 Branches 78 Tags
9af0054b5b02fa37367079af5cdf1baa2a50b379
Commit Graph

16 Commits

Author SHA1 Message Date
miig
9aa674e326 stringfy object so it's visible in the console 2018-05-02 22:04:25 +02:00
misfir3
82ef171a50 XSS Lesson Modifications (#367) 
* initial cut on XSS, need to add some tests still

* initial unit tests for assignment endpoints

* updating header comment license thingy

* comment, clean up

* Stubs for security unit test

* Additional Unit Testing

* isEncoded and isNotEncoded Unit Tests added

* http-proxies updates

* update for XXE solutions

* Work-around to handle special chars in action ... currently to be able to match {userId} in hint creation/assignment for IDOR

* IDOR hints updated

* mitigation content update

* mitigation content update ... 2

* Lesson Overview updates

* including restart lesson fix for lesson overview
 2017-07-10 08:33:10 -04:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
f3884fe605 #318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace 2017-01-27 15:31:23 -05:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Nanne Baars
e2cb9ceae0 #277 Re-institute admin functionality for WebGoat 8 
- Report card functionality is back
 2016-12-31 18:27:20 +01:00
Jason White
35055eeb3c #296 updates href according to to page nav 2016-12-22 15:08:33 -05:00
Jason White
e183c8d8b3 implementing support for dom xss 2016-11-23 17:25:47 -05:00
Jason White
0aa9c29256 adding direct to page navigation route 2016-11-23 09:32:06 -05:00
Jason White
7d28e9c1b8 bring jquery into custom namespace ... simple hack for now 2016-11-21 13:18:38 -05:00
Jason White
22a76624e6 Pagination fixes, lesson completion update 2016-10-12 14:02:18 -04:00
Jason White
217d87e523 support for custom js functions on data submission and some other UI enhancements 2016-10-12 11:28:53 -04:00
Jason White
7323a1fa85 Hints back on main screen 2016-10-11 16:28:23 -04:00
Jason White
d27712affa incremental UI changes 2016-07-05 08:16:32 -04:00
Nanne Baars
ecc8cb391b First attempt to remove JSP and move to Thymeleaf and update to Spring Boot. The Thymeleaf templates can be loaded as snippets which makes it more easy to move away from ECS and create normal HTML pages for a lesson. 2016-04-09 14:06:03 +02:00