44ab36aa1b
Add message that WebGoat should be running while detecting datasource
2021-12-22 15:57:39 +01:00
969335f2f6
Update documentation for starting with java -jar
2021-12-22 15:57:11 +01:00
c000a9b467
Improve startup message Docker
2021-12-22 12:55:27 +01:00
c5389f31c3
Bump docker/login-action from 1.9.0 to 1.12.0
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.9.0 to 1.12.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.9.0...v1.12.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2021-12-21 12:53:41 +01:00
85d4633f62
Update enforcer and exclude log4j-core completely (every version)
2021-12-21 10:05:12 +01:00
7ded0968c1
Ban log4j all together and update OWASP dep check
...
Remove
2021-12-20 21:45:44 +01:00
cb6b1d73d1
upgrade to latest spring-boot libs and fixed related issues
2021-12-20 21:45:44 +01:00
44f70ce4dc
Remove unnecessary compiler section from pom.xml as it confuses Intellij while importing
2021-12-20 16:45:06 +01:00
a42f8fcf75
No progress information for Maven
2021-12-20 16:45:06 +01:00
ac4b06f11b
Move enabling security to WebGoat core and add resetting the lessons.
...
We can use it for more lessons and showcase how to apply security directly from the source code.
Resolves : #1176
2021-12-20 16:45:06 +01:00
705ec85f35
openshift support
2021-12-19 13:49:38 +01:00
1f1fb73f86
Style fix ( #1191 )
...
* renamed README
* rename
2021-12-18 18:06:32 +01:00
e169650ebc
Update documentation
2021-12-15 17:47:12 +01:00
2589aa3fa4
Update documentation
2021-12-15 17:46:58 +01:00
51c007c545
Update documentation
2021-12-15 17:46:46 +01:00
5089c107ba
Update documentation
2021-12-15 17:46:35 +01:00
69a93f30d2
update documentation
2021-12-15 17:46:24 +01:00
80e01d680b
add editor config
2021-12-15 17:46:14 +01:00
0658fcefcd
update documentation
2021-12-15 17:46:03 +01:00
d41d21b2e6
Update the documentation
2021-12-15 17:45:52 +01:00
939f860ddd
renamed spoof-cookie form
2021-12-08 19:37:10 +01:00
d047c41e86
Update README.MD
2021-11-27 18:06:45 +01:00
8dd66fc0ff
Improve Docker start up script
...
- Make sure the last line contains the information
- Split in separate functions
- Add option to skip starting nginx (by default it is started)
2021-11-23 13:22:19 +01:00
d496c929b3
Use variables to check WebWolf host and port
...
WebWolf can start on a different port, the assignment should take this into account and not check for a hardcoded value.
Resolves : #1055
2021-11-23 13:22:08 +01:00
f8dda37027
Rename properties
...
Rename `webwolf.url.*` to `webwolf.*.url` making it easier to move to a configuration class as no nested property is necessary
2021-11-23 13:22:08 +01:00
48fd7f310e
Bump actions/cache from 2.1.5 to 2.1.7
...
Bumps [actions/cache](https://github.com/actions/cache ) from 2.1.5 to 2.1.7.
- [Release notes](https://github.com/actions/cache/releases )
- [Commits](https://github.com/actions/cache/compare/v2.1.5...v2.1.7 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2021-11-23 13:21:52 +01:00
5107e111bf
test url fix
2021-11-19 13:07:49 +01:00
dd2e9f074d
Hijack Session Lesson
2021-11-19 13:07:49 +01:00
ec954046db
Add Discussions badge
2021-11-16 17:53:16 +01:00
6be9635f51
Update OWASP badge
2021-11-16 16:43:18 +01:00
f7dd69e382
Fix to move to java17
2021-11-16 16:39:53 +01:00
fc6b0f28df
Add endpoint for the JavaScript to post to
...
The JavaScript posts to a random endpoint resulting in a HTTP/405 we now post to an existing endpoint.
Resolves : #1142
2021-11-16 16:34:14 +01:00
f13632578d
Fix layout of assignment and remove duplicate feedback
...
Resolves : #1143
2021-11-16 16:34:02 +01:00
b23b428763
Fix spelling/grammar
...
Resolves : #1143
2021-11-16 16:34:02 +01:00
32a41debad
Fix spelling/grammar and reference to ZAP 2.8.0
...
Resolves : #1141
2021-11-16 16:33:48 +01:00
fafddda82a
Update ZAP instructions
...
We reference ZAP 2.8.0 explicitly which is not necessary. Also the way ZAP works changed, we no longer need to change the port as ZAP will report there is a conflict during startup.
Resolves : #1141
2021-11-16 16:33:48 +01:00
5bf33db78f
Remove obsolete hints
2021-11-16 16:33:36 +01:00
20d7015dff
Move unit test to JUnit 5
2021-11-16 16:33:36 +01:00
2fbc52e6a2
Remove some unused code
2021-11-16 16:33:36 +01:00
ab0433bb67
Fix link and typo
...
The link pointed to the old OWASP website. Also fixed some typos here and there
Resolves : #1136
2021-11-16 16:33:10 +01:00
f2f7f36a6d
Fix typo in hints
...
The hints for JWT used `jwt` instead of `JWT` which makes it difficult to solve the lesson as the hint actually points someone in the wrong direction.
Resolves : #123
2021-11-16 16:32:57 +01:00
3ad51e6d6b
Rewrite lesson to be self-contained and not depend on the core of WebGoat for fetching users
...
Split the assignment into 2 assignments
2021-11-16 16:32:43 +01:00
9e6ed11aa7
Remove link to lesson.css as they belong to the lesson
2021-11-16 16:32:43 +01:00
2bd6b36210
Fix layout assignment 2
2021-11-16 16:32:43 +01:00
bcaf4485c2
Move css to lesson itself
2021-11-16 16:32:43 +01:00
cd2e1c1c09
Fix spelling issues
2021-11-16 16:32:43 +01:00
22af35a9a7
Add favicon to WebGoat/WebWolf
2021-11-16 16:32:29 +01:00
c7e04cef97
Add logging to pom.xml
2021-11-16 16:24:45 +01:00
fa2769cb25
Updating poms
2021-11-16 16:24:45 +01:00
1a64fcd8d4
Recommit logging lesson as PR got a lot of conflicts
2021-11-16 16:24:45 +01:00
