7f91671c8f
Merge pull request #229 from span/start-page-link
...
Fix broken start/home link on logo
2016-04-08 18:27:37 +02:00
a8f8d4b4fa
Merge pull request #228 from span/developer-controls
...
Developer controls
2016-04-08 18:27:29 +02:00
263ce31db3
Merge pull request #224 from WebGoat/feature/137
...
Admin should also be able to see the solution, source and lesson plan.
2016-04-08 18:27:21 +02:00
407a5a810b
Merge pull request #220 from WebGoat/feature/169
...
Feature/169
2016-04-08 18:27:12 +02:00
46b24d72c9
Merge pull request #212 from nbaars/develop
...
Fixed #184
2016-04-08 18:27:00 +02:00
0401779f58
Fix broken test
2016-03-31 23:06:16 +02:00
7758947711
Load welcome.mvc instead of start.mvc when navigating home on the log, fixes #218
2016-03-31 23:02:54 +02:00
58ae7f3727
Move loading of developer controls so they do not reload every time. Also reload current lesson after reloading labels. Ref webgoat/webgoat#93 .
2016-03-31 22:56:17 +02:00
2be4248ea3
Add menu toggle to show/hide the controls. Ref webgoat/webgoat#93
2016-03-30 22:38:18 +02:00
e6fb74fa55
Implementation of developer controls to reload plugins and set label debugging from the GUI. Ref: webgoat/webgoat#93
2016-03-30 22:07:11 +02:00
b06d9ffd81
Admin should also be able to see the solution, source and lesson plan.
2016-03-29 01:24:07 +02:00
042a62624f
Fixed the classnames in the wsdd config file (moved to different package)
2016-03-29 00:17:01 +02:00
015dcbde38
Added image for Github developers documentation about lesson progress implementation.
2016-03-28 08:38:25 +02:00
60192db921
Renamed everything to 'progress' instead of 'completed'
2016-03-28 08:37:18 +02:00
b4cc27c761
Lesson completed message is now within js which makes it possible to show the Congratulation message after the CSRF link has been clicked.
...
Same as marking the lesson complete green checkbox
2016-03-27 17:46:06 +02:00
1815494681
Injection Flaws -> Limit Command Injection success to a set of commands and clarify this to the user #179
...
- Defuse command boolean flag is no longer necessary due to a change in the lesson, removed this flag from the webgoat-container project
2016-03-19 12:40:28 +01:00
6c92f0629e
Fix #213 by changing the id of the restart button to the correct it
2016-03-18 21:11:49 +01:00
7a7fb088ad
#173 Added the URL for WebGoat to the console output
2016-03-18 14:38:49 +01:00
bc6b040f42
Injection Flaws | XPath Injection date file path issue #184
...
- Enabled the lesson again because lesson has been fixed
2016-03-18 13:39:18 +01:00
50c4d9c170
Removed duplicate entry
2016-03-18 13:17:10 +01:00
5d393d1d65
Merge pull request #207 from span/weak-auth-cookie-enable
...
Enable weak authentication cookie lesson
2016-02-25 22:07:46 +01:00
f5a5335e31
Merge pull request #205 from muzir/develop
...
-- Remove raw type usage, add type check parameter.
2016-02-25 22:06:24 +01:00
a9a7c18592
Enable weak authentication cookie lesson if webgoat/webgoat#181 is not reproducible
2016-02-24 15:23:03 +01:00
25f08ea9b4
-- Remove raw type usage, add type check parameter.
...
-- Remove unused variable and unused imports.
2016-02-23 15:15:47 +02:00
575c940655
#180 , clean up
2016-02-18 21:26:32 -05:00
7c65441c8e
#180 , better management of show* buttons
2016-02-18 19:44:12 -05:00
daa05dd192
Seems locale should not depend of request's Accept-Language header.
...
Signed-off-by: Nanne Baars <nbaars@xebia.com >
2016-02-12 23:42:21 +01:00
dbb75980c9
Merge pull request #197 from span/htmlencoder
...
Fixes #195 by adding static initialisation of the maps
2016-02-12 13:02:41 -05:00
77c4a04d3d
Fixes #195 by adding static initialisation of the maps rather then using the constructor
2016-02-04 23:27:31 +01:00
59549e3b21
Add stage parameter in the session to keep track of current stage so that we do not reset the stage and recreate the database in the middle of a lesson. To do this a small refactor of WebSession was made which simply extracts some methods from the previously large update method. Ref #176 .
2016-02-04 23:21:12 +01:00
724c084abf
Updading develop branch pom versions to 7.1-SNAPSHOT
2016-02-01 18:30:53 -05:00
f825bead8b
The OWASP WebGoat 7.0.1 Release
2016-02-01 18:09:48 -05:00
370c34b7da
Disable cross-site scripting lab
2016-02-01 21:47:28 +01:00
35e9b36b00
[maven-release-plugin] prepare for next development iteration
2016-02-01 13:57:19 -05:00
dcf1995fe8
[maven-release-plugin] prepare release 7.0
2016-02-01 13:57:16 -05:00
6320c2d22d
Fixining all the javadoc issues preventing the release
...
In order to perfom a Sonatype OSS release, all the javadocs must pe corretly and completely parsed in order to pass the release requirement.
This comment is only adding "comments' pertaining to javadoc. NO CODE HAS BEEN CHANGED
Signed-off-by: Doug Morato <dm@corp.io >
2016-01-31 23:14:50 -05:00
416fda799b
issue #147 disabling broken lessons
2016-01-30 13:45:26 -05:00
76fa797857
#167 removing refrences to github.io in code
2016-01-18 06:42:05 -05:00
07f0cea0a0
#165 cleaning up interim code
2016-01-14 09:03:43 -05:00
b3541231bc
#165 provide default and ability to override in lesson
2016-01-14 09:01:47 -05:00
e1be080eea
Forced browsing lesson does not show success #143
2016-01-06 18:47:59 +02:00
23a1f9e38e
Removed obsolete classes
2015-12-08 22:58:33 +01:00
5dfd1c44e9
Moving lesson utilities to common project instead of AbstractLesson
2015-12-03 22:52:11 +01:00
539985c59e
#45 finally won't see two 'Stored XSS lessons hightlighted
2015-12-02 15:08:32 -05:00
0628a27b34
clean up
2015-12-02 15:06:10 -05:00
d4af09c72a
#133 hiding hint on change of lesson/loesson load
2015-12-02 14:05:22 -05:00
023966fbb1
changed back to compile phase, package phase breaks the war-exec.jar construction
2015-11-30 08:51:53 -05:00
511ed91130
Merge pull request #147 from ilatypov/master
...
Tidy up CSRF lessons.
2015-11-24 19:44:24 -05:00
4c538ee398
#66 Fixing jar plugin lifecycle issue
2015-11-12 20:49:51 +00:00
ea1d852cda
Convert the message number parameter into the MVC route part. Correct the result of the restart lesson button.
2015-11-07 05:43:40 -05:00
