6c25cf8e43
Add path traversal lesson
2020-03-10 08:03:48 +01:00
c4c28f544f
Fixed CSRF broken links.
2020-03-06 17:15:10 +01:00
4e371b63d0
suppressing some useless log messages and banners in unit tests ( #752 )
...
* suppressing some useless log messages and banners in unit tests
* some more log suppressed
2020-01-25 12:11:45 +01:00
71f2d2968f
Fix NPE when request does not contain parameter ( #739 )
2020-01-05 15:14:53 +01:00
5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
6dc679e7b8
final tests and fixed the issue of getting the name of the loggedinuser
2019-10-15 13:59:18 +02:00
00873cfe3f
csrf7 test cases added
2019-10-15 13:59:18 +02:00
e932253f06
initial test cases added
2019-10-15 13:59:18 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
2b01cbcb75
Fixed last tests
2019-09-16 07:43:22 +02:00
f774364461
Working unit tests
2019-09-13 20:05:25 +02:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
139651615e
Make lesson csrf-7 stricter (do not allow invalid JSON, e.g. trailing =)
2019-08-22 17:44:52 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
97f66545e0
In CSRF-3 use POST instead of GET to prevent solving the assignment just by opening the URL in a new tab
2019-07-12 17:25:58 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
bd86dc6ee0
SNAPSHOT version
2019-02-09 18:20:08 +01:00
6c86929aa6
New release, updating pom.xml
2019-02-08 14:20:23 +01:00
631fedb752
New release, updating pom.xml
2019-01-18 08:45:44 +01:00
9be4361afc
New release, updating pom.xml
2019-01-18 08:37:26 +01:00
ec225558b9
Move to latest Spring Boot version and move to Java 11
2018-12-15 13:59:54 +01:00
1252e3dc21
Update instructions to use docker-compose only
2018-07-17 20:17:35 +02:00
ac12a009e4
New release v8.0.0.M20
2018-06-20 18:05:59 +02:00
9dd93d88d9
New release v8.0.0.M19
2018-06-20 16:40:28 +02:00
12123ef13b
Merge branch 'release/v8.0.0.M18'
2018-06-20 16:32:31 +02:00
c7da546249
Improve text for lesson about CSRF login
2018-06-16 17:52:18 +02:00
701a99cf8f
Merge pull request #487 from matthias-g/xssFixes
...
Small lesson improvements
2018-06-13 18:42:14 -06:00
e5ec2c1ee0
Fix html attribute
2018-06-13 17:56:57 +02:00
3b9b695ef1
Check host header instead of origin which might not be present #475
2018-06-13 11:38:33 +02:00
26aa72e721
New release
2018-05-30 20:54:13 +02:00
c510bd9bf1
New develop version
2018-05-30 20:37:25 +02:00
c7a714a590
Move to next release
2018-05-30 17:05:50 +02:00
ecb7688e08
Update to new version for develop
...
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
2018-05-30 13:17:05 +02:00
55793dd153
New release v8.0.0.M15
2018-05-27 20:54:50 +02:00
1edceb0aa8
Extended and fixed some lessons
2018-05-27 20:37:44 +02:00
ea9c1a453d
Initial version for JWT
2018-05-23 14:28:19 +02:00
5d28ef9fbe
small fix for CSRF content type lesson descrption
2018-05-02 22:10:06 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
b99b554522
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
2018-01-29 15:29:48 +01:00
43b82027f5
Added more content for CSRF lesson
2017-11-22 01:34:05 +01:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
a11d3d0b1b
- Made movie little bit shorter because webgoat-server.jar was over 200Mb
...
- Movie was copy and pasted to csrf and auth lesson removed it from those lessons
- Made jars which are not necessary in the webgoat-server.jar optional
2017-11-02 15:39:49 +01:00
1ecb43092d
Bumped version number
2017-10-18 19:58:14 +02:00
8250b4048f
Updating version number
2017-10-18 19:43:33 +02:00
49c3008fe2
Typo fix for CSRF content
2017-10-13 10:33:38 -06:00
