dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,505 Commits 11 Branches 78 Tags
ad9ee094b434375c9fcaf85229b3968bb87d5720
Commit Graph

2505 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Doug Morato
6826d0eeba Improving WebGoat Developer Bootstrap Script 
Improved the Developer Bootstratp script to perform some checking for tools and pull the git repo if directory already exists

Signed-off-by: Doug Morato <dm@corp.io>
 2016-01-31 22:36:29 -05:00
mayhew64
b937e5936c Merge pull request #185 from mayhew64/master 
issue #147 disabling broken lessons
 2016-01-30 13:48:42 -05:00
mayhew64
416fda799b issue #147 disabling broken lessons 2016-01-30 13:45:26 -05:00
Nanne
f94d8121d0 Merge pull request #172 from misfir3/master 
#167 removing refrences to github.io in code
 2016-01-18 15:57:19 +01:00
Jason White
76fa797857 #167 removing refrences to github.io in code 2016-01-18 06:42:05 -05:00
Nanne
8d87830472 Merge pull request #166 from misfir3/master 
#165 support for custom submitMethod
 2016-01-15 17:38:26 +01:00
Jason White
07f0cea0a0 #165 cleaning up interim code 2016-01-14 09:03:43 -05:00
Jason White
b3541231bc #165 provide default and ability to override in lesson 2016-01-14 09:01:47 -05:00
Nanne
1a7535e3e2 Merge pull request #164 from dougmorato/master 
Remove Coverity Badge from README
 2016-01-09 09:35:54 +02:00
Doug Morato
daed6a648f Remove Coverity Badge from README 
WebGoat does not endorse any specificy Static Code Analysis Vendor, so removing Coverity Badge in order not to send mixed messages

Signed-off-by: Doug Morato <dm@corp.io>
 2016-01-08 12:59:15 -05:00
misfir3
241ed0f47a Merge pull request #163 from nbaars/master 
Seems the CI checks are not directly related to the code updates. Review of the code looks OK ... merging.
 2016-01-08 12:56:50 -05:00
Nanne Baars
e1be080eea Forced browsing lesson does not show success #143 2016-01-06 18:47:59 +02:00
misfir3
2be182f603 Merge pull request #155 from nbaars/master 
Moving lesson utilities to common project instead of AbstractLesson
 2015-12-12 12:26:44 -05:00
Nanne Baars
23a1f9e38e Removed obsolete classes 2015-12-08 22:58:33 +01:00
Nanne Baars
5dfd1c44e9 Moving lesson utilities to common project instead of AbstractLesson 2015-12-03 22:52:11 +01:00
Nanne
5bd348f975 Merge pull request #153 from misfir3/master 
#133 hiding hint on change of lesson/loesson load
 2015-12-02 21:34:32 +01:00
Jason White
539985c59e #45 finally won't see two 'Stored XSS lessons hightlighted 2015-12-02 15:08:32 -05:00
Jason White
0628a27b34 clean up 2015-12-02 15:06:10 -05:00
Jason White
d4af09c72a #133 hiding hint on change of lesson/loesson load 2015-12-02 14:05:22 -05:00
mayhew64
e530be6e3e Update README.MD 2015-11-30 08:58:23 -05:00
mayhew64
78a19c9e80 Update README.MD 2015-11-30 08:58:04 -05:00
mayhew64
eb46123cf2 Merge pull request #152 from mayhew64/master 
changed back to compile phase, package phase breaks the war-exec.jar …
 2015-11-30 08:53:03 -05:00
mayhew64
023966fbb1 changed back to compile phase, package phase breaks the war-exec.jar construction 2015-11-30 08:51:53 -05:00
mayhew64
511ed91130 Merge pull request #147 from ilatypov/master 
Tidy up CSRF lessons.
 2015-11-24 19:44:24 -05:00
mayhew64
8284f08413 Merge pull request #149 from aravindc26/master 
Fixes typo in README
 2015-11-20 12:38:06 -05:00
aravindc26
62a4056d9b Fixes typo in README 2015-11-20 00:07:04 +05:30
mayhew64
4c4753784d Merge pull request #148 from slavP/eclipseImportFix 
#66 Fixing jar plugin lifecycle issue
 2015-11-12 16:43:54 -05:00
slav pilus
4c538ee398 #66 Fixing jar plugin lifecycle issue 2015-11-12 20:49:51 +00:00
Ilguiz Latypov
ea1d852cda Convert the message number parameter into the MVC route part. Correct the result of the restart lesson button. 2015-11-07 05:43:40 -05:00
Ilguiz Latypov
de71f2700e Let user-composed (CSRF) attacks send one-request actions, as opposed to the address bar MVC links requesting lessons. The lesson display servlets have javascript that requests data and actions. 2015-11-07 05:43:31 -05:00
Nanne
05a1f5dd3a Merge pull request #140 from dougmorato/master 
Updated pom versions and cache .m2 on travis to speed build time
 2015-10-28 19:11:02 +01:00
Doug Morato
ba20f8d14b Fix javax.mail dependecy and update versions 
Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-27 22:15:14 -04:00
Doug Morato
44b20bfc89 Caching .m2 repository to speed the Travis build 
Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-27 21:19:12 -04:00
Nanne
0997c860eb Merge pull request #136 from dougmorato/master 
Update dependency version, build number and unregister DB driver
 2015-10-27 19:52:32 +01:00
Doug Morato
e8e1e904ec Updating dependencies and plugin versions 
Updated all the outdated dependencies and plugin versions not related to Spring and Java EE

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 18:47:18 -04:00
Doug Morato
4a43a5572e Unregister JDBC drivers, Fixes #134 
Upon calling the maven tomcat7:shutdown goal, a severe error message was thrown because of not unloading the JDBC drivers.

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 18:23:27 -04:00
Doug Morato
cf84e674b7 Fix typo on pom.xml 
Bruce's developer id was mistyped.

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 18:18:31 -04:00
Doug Morato
bdc99f305a Travis build number now available from admin page 
On the About page, the travis build numbers will be reflected on the build: property

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 18:18:07 -04:00
Doug Morato
10e2b044e9 Merge pull request #132 from nbaars/master 
Shutdown threadPools after plugin loading
 2015-10-26 16:48:50 -04:00
Nanne Baars
789a57e792 SEVERE: The web application [/WebGoat] appears to have started a thread named [pool-7-thread-5] but has failed to stop it. This is very likely to create a memory leak #124 2015-10-26 21:38:30 +01:00
Doug Morato
5c3f77d84b Merge pull request #131 from dougmorato/master 
Do not clean before mvn cobertura and coveralls
 2015-10-26 10:48:57 -04:00
Doug Morato
ff6a9b0295 Do not clean before mvn cobertura and coveralls 
By cleaning before tbe cobertura goal, this was removing the exec.jar and the war file.

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 10:48:34 -04:00
Doug Morato
44d944bceb Merge pull request #129 from dougmorato/master 
Maven-tomcat plugin fix and correct typo on JS file
 2015-10-26 10:09:16 -04:00
Doug Morato
91ea844c7f Merge pull request #130 from nbaars/master 
Cannot serialize session attribute, fix #123
 2015-10-26 09:59:20 -04:00
Nanne Baars
94ae466dbd Cannot serialize session attribute #123 2015-10-26 07:52:26 +01:00
Doug Morato
2803b7cd84 Adding VersionEye 
VersionEye is a free service for open-source repositories that track and report the versions of all dependencies in a project

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-26 00:33:20 -04:00
Doug Morato
398f918376 Coveralls goal abreviation 
Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-25 23:21:28 -04:00
Doug Morato
f9073e366d Tomcat7 maven plugin now uses 2.3-snapshot 
Until a  production release of tomcat7-maven-plugin is made available, use a snapshot version

Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-25 23:13:50 -04:00
Doug Morato
345e3cc7cb Fix typo on JS file 
Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-25 22:53:56 -04:00
Doug Morato
441543100f Revert tomcat7 maven plugin to 2.1 
Knonw bug on version 2.2 of the tomcat7-maven-plugin on extracting the temp directories for exec jar

Info: https://issues.apache.org/jira/browse/MTOMCAT-211
https://fisheye6.atlassian.com/changelog/tomcat?cs=1539956
https://fisheye6.atlassian.com/changelog/tomcat?cs=1539209
Signed-off-by: Doug Morato <dm@corp.io>
 2015-10-25 22:51:28 -04:00