- Now using Spring Boot for classloading, this way local development does not need to restart the complete server
- Fixed all kinds of dependencies on the names of the lessons necessary to keep in mind during the creation of a lesson.
- Simplied loading of resources, by adding resource mappings in MvcConfig.
- Refactored plugin loading, now only one class is left for loading the lessons.
Squashing and merging ...
* Each assigment should have the options to have its own set of hints #278
* Updating lessons due to changes from #278
* Enable i18n client side #312
* IDOR move hints to assignment and enable i18n #312
- Basic overview of all the assignments needed to be solved in a lesson
- Clicking on a link will jump to the correct page with the assignment
- Lesson completed also updates lesson overview immediately
* feature/spring-boot: (92 commits)
XXE checkin
XXE checkin
XXE first attempt
HTTP-Basics mark lesson complete issue fixed
cleaning up some
fixing the scroll 'sliver' problem. Likely need to check back on this when menu grows again
lesson pagination fixes mainly, some other fixes included & clean up
Incremental style changes
refactor to help accomodate multiple attacks and output in one 'page'
Updated some of the credits
double-feedback fix on single page
commenting out to stop redundant callbacks
few cleanup items, added least privilege
Fixed test for password
First wave is complete; some rendering issues
Trying to wire up the DB connection and fill out first sql stub
Fixing hide/show of next/prev buttons
another stub
First round of sql injection with stubs
Give focus to username when loading the login page
...
Signed-off-by: Doug Morato <dm@corp.io>
# Conflicts:
# .travis.yml
# README.MD
# pom.xml
# webgoat-container/pom.xml
# webgoat-container/src/main/java/org/owasp/webgoat/HammerHead.java
# webgoat-container/src/main/java/org/owasp/webgoat/lessons/AbstractLesson.java
# webgoat-container/src/main/java/org/owasp/webgoat/lessons/LessonAdapter.java
# webgoat-container/src/main/java/org/owasp/webgoat/plugins/PluginsLoader.java
# webgoat-container/src/main/java/org/owasp/webgoat/service/RestartLessonService.java
# webgoat-container/src/main/java/org/owasp/webgoat/session/WebgoatContext.java
# webgoat-container/src/main/resources/static/js/goatApp/controller/LessonController.js
# webgoat-container/src/main/resources/webgoat.properties
# webgoat-container/src/main/webapp/META-INF/context.xml
# webgoat-container/src/main/webapp/WEB-INF/context.xml
# webgoat-container/src/main/webapp/js/goatApp/view/LessonContentView.js
# webgoat-container/src/test/java/org/owasp/webgoat/plugins/WebGoatIT.java
# webgoat-container/src/test/resources/log4j.properties
# webgoat_developer_bootstrap.sh
do not need to support anymore in 8.0:
- Introduced DI thoughout the code base
- Removed most superclasses of a lesson
- Hammerhead is now simplified to only one line of code
- Cleaned up WebSession
- Removed code which dealt with user roles, lesson fetching, username etc
- LessonTracker improvements
- Removed almost all code from the Screen class
- Removed ECS from the container project
- Removed adminstration pages, contained a lot of ECS codes which is much
simpler to just rewrite when necessary
