dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,555 Commits 11 Branches 78 Tags
Commit Graph

327 Commits

Author SHA1 Message Date
Nanne Baars
a63bf006d6 Language of the browser not english will crash WebGoat during loading of the asciidoc. This is due to the fact we always presume the lesson plan is available in the browser language. It now falls back to 'en' whenever the lesson cannot be found with the language obtained from the browser. 2017-04-16 07:52:30 +02:00
Nanne Baars
fbf2d1b422 Added validation to detect duplicate users during registration 2017-04-08 08:30:14 +02:00
Nanne Baars
9833637abf Fixed exception while logging in with unknown user 2017-03-23 21:46:21 +01:00
Nanne Baars
5156b05aac Fixed logout 2017-03-23 21:03:20 +01:00
Nanne Baars
90eee0e2d8 Adding write_delay option to hsql database (otherwise users were not persisted in database correctly) 2017-03-22 17:04:44 +01:00
Nanne Baars
c14b172503 Removed default values from login screen 2017-03-22 15:53:50 +01:00
Nanne Baars
53d30e2274 Fixed saving lesson tracker with reloadable classloader 2017-03-22 15:51:57 +01:00
Nanne Baars
259fd19c1b - Introduced user registration 
- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
 2017-03-22 11:35:14 +01:00
Kristoffer Schneider
26ab0dc712 Added support to build an Docker container to run it on Raspberry Pi (#329) 
Added support to build an Docker container to run it on Raspberry Pi #329
 2017-03-02 21:31:40 +01:00
Nanne Baars
f71d02fc6a Merge branch 'develop' into develop 2017-03-02 21:24:09 +01:00
Nanne Baars
2d6235e4f0 Provide Server-side service to support UI localization #265 
- Now also enabled for adoc
 2017-03-02 21:17:21 +01:00
Jason White
7f532f0ffc XSS lesson updates 2017-02-17 13:05:54 -05:00
Jason White
af8f8c27a6 moving controls to top of content 2017-02-16 14:56:08 -05:00
mayhew64
33e807797c Xstream RCE works now 2017-02-07 23:51:05 -05:00
mayhew64
a00546638a Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-07 16:06:45 -05:00
mayhew64
b4159385c1 Vulnerable components draft, fixed missing properties in httpbasics when user input was empty 2017-02-07 16:05:30 -05:00
Jason White
4664669ff2 cleaning up, fixing selected lesson class/es 2017-02-07 18:13:27 +01:00
mayhew64
85ef7ee1a4 Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-02-06 09:19:29 -05:00
Nanne Baars
ae82df3fb4 Fixed issue with loading messages in different language. As a standalone jar you can write properties back to messages.properties, this approach worked when you run with exploded classpath (target/classes etc). However failed when running inside Docker container. 2017-02-05 21:54:07 +01:00
Nanne Baars
d25700434e Added tests for assignments 2017-01-31 23:28:59 +01:00
erhun
21659ac298 Add Thymeleaf th:href usage instead of pageContext.request.contextPath (#323) 
* Add Thymeleaf th:href usage instead of pageContext.request.contextPath

* Add Thymeleaf th:href usage instead of pageContext.request.contextPath
 2017-01-31 12:01:41 -05:00
Nanne Baars
ee5a12d205 Provide Server-side service to support UI localization #265 (#322) 
merging
 2017-01-31 11:52:33 -05:00
mayhew64
fbd37b39bd Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop 2017-01-28 11:05:16 -05:00
mayhew64
30bdc89164 Adding Vulnerable Components Category 2017-01-28 11:01:05 -05:00
Jason White
a0451eeb3a Adding 'sorted' to lambda/stream 2017-01-27 15:41:46 -05:00
Jason White
74dd74d4cc formatting update 2017-01-27 15:40:57 -05:00
Jason White
f3884fe605 #318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace 2017-01-27 15:31:23 -05:00
Jason White
693d791075 bumping jquery version to support A-9 lesson 2017-01-26 16:46:05 -05:00
Jason White
ac16342c17 #315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor 2017-01-25 17:46:31 +01:00
Nanne Baars
0779f7a3d0 Hints per lesson (#314) 
Squashing and merging ...

* Each assigment should have the options to have its own set of hints #278

* Updating lessons due to changes from #278

* Enable i18n client side #312

* IDOR move hints to assignment and enable i18n #312
 2017-01-24 09:34:06 -05:00
Nanne Baars
9485362309 Getting current release running is hard and obscure #308 
- README.md for develop only contains 8.0 information (removed legacy information etc)
- Docker image now contains tag for version 8.0
 2017-01-15 22:13:05 +01:00
Nanne Baars
ee0d34e2ea Merge pull request #310 from misfir3/develop 
turning off HttpOnly
 2017-01-15 18:44:52 +01:00
Nanne Baars
badbabd439 Fixing can't login to webgoat #307 2017-01-15 16:28:19 +01:00
Jason White
b970fe37fa turning off HttpOnly 2017-01-12 17:25:51 -05:00
Jason White
f8b39d7d8c #303 Clear current form on successful submission 2017-01-10 15:23:43 -05:00
Jason White
3274ff7a93 properly scoping data submiission in onFormSubmit 2017-01-10 15:23:43 -05:00
misfir3
ad3599f6af Merge pull request #306 from zupzup/issue_302_double_calls_on_submit 
Issue #302: Fix redundant calls to lessonoverview.mvc and lessonmenu.…
 2017-01-09 15:00:55 -05:00
Jason White
2688c8ee77 removing debug statement 2017-01-09 14:04:48 -05:00
Mario Zupan
40f1d58796 Issue #302: Fix redundant calls to lessonoverview.mvc and lessonmenu.mvc on submission 2017-01-07 15:46:19 +01:00
Jason White
c2988eb771 #305 - update to use generic Object in map 2017-01-06 13:01:55 -05:00
Jason White
4c5e58d1a1 minor style updates 2017-01-06 08:08:22 -05:00
Jason White
00eeae911d #305 UserSessionData bean to provide stateful session data 2017-01-05 17:28:53 -05:00
Nanne Baars
dcab7d8abd Lesson overview simplification moving template to separate file. 2017-01-01 21:06:00 +01:00
Nanne Baars
e2cb9ceae0 #277 Re-institute admin functionality for WebGoat 8 
- Report card functionality is back
 2016-12-31 18:27:20 +01:00
Nanne Baars
9c03b6f63b #276 Automatic lesson summary page 
- Basic overview of all the assignments needed to be solved in a lesson
 - Clicking on a link will jump to the correct page with the assignment
 - Lesson completed also updates lesson overview immediately
 2016-12-28 10:14:34 +01:00
Jason White
282073ed2d Adding ZAP content for HTTP Basics 2016-12-22 16:37:57 -05:00
Jason White
35055eeb3c #296 updates href according to to page nav 2016-12-22 15:08:33 -05:00
Nanne
4392150561 Merge branch 'develop' into feature/asciidoc_syntax_highlight 2016-12-16 16:44:42 +01:00
Mario Zupan
6fa894938b Issue #275: Activate Syntax Highlighting with Coderay in Asciidoc templates 2016-12-15 17:37:30 +01:00
Mario Zupan
81e3000f2d Issue #293: fix images in asciidoc by setting backend to xhtml 2016-12-11 20:05:28 +01:00