* add pmd and owasp dependency check through -P owasp profile
* suppress full stack trace in log
* revert to spring 2.2.0 as 2.2.4 failed in travis
* added owasp dependency check maven configuration details to vulenerable
lesson page 7
* Remove old code from UI
* Remove old code
* Remove old functions
* Remove unnecessary divs
* Remove logging to console
* Clear lesson messages (checkmark, output text etc) when lesson resets
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
* XSS lesson completion fixes
* removed log all
* lesson progress capable of deprecated assignments in the database
* fixed unit test for lesson progress
Squashing and merging ...
* Each assigment should have the options to have its own set of hints #278
* Updating lessons due to changes from #278
* Enable i18n client side #312
* IDOR move hints to assignment and enable i18n #312
- Basic overview of all the assignments needed to be solved in a lesson
- Clicking on a link will jump to the correct page with the assignment
- Lesson completed also updates lesson overview immediately
* feature/spring-boot: (92 commits)
XXE checkin
XXE checkin
XXE first attempt
HTTP-Basics mark lesson complete issue fixed
cleaning up some
fixing the scroll 'sliver' problem. Likely need to check back on this when menu grows again
lesson pagination fixes mainly, some other fixes included & clean up
Incremental style changes
refactor to help accomodate multiple attacks and output in one 'page'
Updated some of the credits
double-feedback fix on single page
commenting out to stop redundant callbacks
few cleanup items, added least privilege
Fixed test for password
First wave is complete; some rendering issues
Trying to wire up the DB connection and fill out first sql stub
Fixing hide/show of next/prev buttons
another stub
First round of sql injection with stubs
Give focus to username when loading the login page
...
Signed-off-by: Doug Morato <dm@corp.io>
# Conflicts:
# .travis.yml
# README.MD
# pom.xml
# webgoat-container/pom.xml
# webgoat-container/src/main/java/org/owasp/webgoat/HammerHead.java
# webgoat-container/src/main/java/org/owasp/webgoat/lessons/AbstractLesson.java
# webgoat-container/src/main/java/org/owasp/webgoat/lessons/LessonAdapter.java
# webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
# webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java
# webgoat-container/src/main/java/org/owasp/webgoat/session/WebgoatContext.java
# webgoat-container/src/main/resources/static/js/goatApp/controller/LessonController.js
# webgoat-container/src/main/resources/webgoat.properties
# webgoat-container/src/main/webapp/META-INF/context.xml
# webgoat-container/src/main/webapp/WEB-INF/context.xml
# webgoat-container/src/main/webapp/js/goatApp/view/LessonContentView.js
# webgoat-container/src/test/java/org/owasp/webgoat/plugins/WebGoatIT.java
# webgoat-container/src/test/resources/log4j.properties
# webgoat_developer_bootstrap.sh
do not need to support anymore in 8.0:
- Introduced DI thoughout the code base
- Removed most superclasses of a lesson
- Hammerhead is now simplified to only one line of code
- Cleaned up WebSession
- Removed code which dealt with user roles, lesson fetching, username etc
- LessonTracker improvements
- Removed almost all code from the Screen class
- Removed ECS from the container project
- Removed adminstration pages, contained a lot of ECS codes which is much
simpler to just rewrite when necessary
In order to perfom a Sonatype OSS release, all the javadocs must pe corretly and completely parsed in order to pass the release requirement.
This comment is only adding "comments' pertaining to javadoc. NO CODE HAS BEEN CHANGED
Signed-off-by: Doug Morato <dm@corp.io>
