dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,636 Commits 11 Branches 78 Tags
Commit Graph

122 Commits

Author SHA1 Message Date
Nanne Baars
ff67ee6484
Update to correct version 2021-10-04 14:40:19 +02:00
Àngel Ollé Blázquez
dfa0e1cdca XSS Lesson one boolean response 
Signed-off-by: Àngel Ollé Blázquez <angel@olleb.com>
 2021-10-02 01:09:52 +02:00
Nanne Baars
04d1293a33
#1045: Run build with Java 16 2021-09-23 16:09:28 +02:00
dependabot[bot]
14ab2faeaf Bump jsoup in /webgoat-lessons/cross-site-scripting 
Bumps [jsoup](https://github.com/jhy/jsoup) from 1.13.1 to 1.14.2.
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES)
- [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.13.1...jsoup-1.14.2)

---
updated-dependencies:
- dependency-name: org.jsoup:jsoup
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-09-04 16:28:15 +02:00
Arshan Dabirsiaghi
d566080a79 fix typo 2021-08-14 10:52:16 +02:00
Nanne Baars
60bd04b9aa
Move to snapshot version 2021-07-29 11:13:16 +03:00
Nanne Baars
69a370f438
New release, updating pom.xml 2021-05-23 20:11:23 +02:00
Nanne Baars
b3f7a5338e Update to latest versions 2021-04-03 10:58:22 +02:00
Nanne Baars
14621003d7 Remove banner.txt as you can set it with a property in application.properties 2021-03-31 19:31:13 +02:00
Nanne Baars
cda852f4e8 Run unit tests again for all lessons and rewrite all to JUnit 5 
Due to the migration to Spring Boot 2.4 the Vintage dependency was no longer included by default, resulting in skipping all unit tests.
 2021-03-31 19:31:13 +02:00
Nanne Baars
ae6d448aa0 Replace ${revision} with real version as Maven 
The CI pipeline should take care of this.
 2021-03-31 19:31:13 +02:00
webgoat-github
b8bdb8f432 Updating to the new development version 2021-03-30 14:05:26 +00:00
avivmu
215b3b4e78
Remove redundant escaping in regex (#929) 2021-02-11 15:13:38 +01:00
avivmu
b20f6492a3
Simplify regex (#927) 2021-01-15 14:36:04 +01:00
Gabriel M. Schuyler
b1495a8cd5
Fix typo (#909) 2020-12-03 14:23:23 +01:00
René Zubcevic
574039902d changed version to snapshot version and introduced revision parameter 
for it
 2020-11-27 12:15:19 +01:00
Nanne Baars
37e9359c9e #841: Clarify the lesson based on the comments 
- Output messages more clear
- Replace success to failure (otherwise lesson is marked complete immediately)
- Fix the layout of the lesson (remove whitespace update buttons)
 2020-11-04 20:35:05 +01:00
Elie De Brauwer
5311db8564 XSS Quiz: Fix 404 
The original URL was malformed because it contained a closing ) which did not end up in the link. However the corrected link performs a redirect to the link provided in this patch.
 2020-05-25 09:08:09 +02:00
Nanne Baars
39740e069e New release 2020-05-22 14:10:31 +02:00
Satoshi SAKAO
9063b4137f fix 404 links 2020-04-27 10:44:39 +02:00
René Zubcevic
88eb4d7b26 ace editor added without all the nonsense around it 2020-04-26 16:45:56 +02:00
René Zubcevic
6f532683a1 lessonplan character updates so it also works on Windows Cp125 2020-04-20 12:54:18 +02:00
René Zubcevic
25e66ae412 use of script console in stead of browser address bar 2020-04-17 15:33:26 +02:00
René Zubcevic
089952e9ad quiz fix for CIA, SQL Injection Advanced and XSS + XSS description 
change in alert(document.cookie)
 2020-04-17 15:33:26 +02:00
Nanne Baars
6c25cf8e43 Add path traversal lesson 2020-03-10 08:03:48 +01:00
August Detlefsen
208aa42fdb
relax detection regex (#757) 
Allow for content before and after the script; Allow optional semicolon
 2020-02-20 20:00:07 +01:00
René Zubcevic
4e371b63d0
suppressing some useless log messages and banners in unit tests (#752) 
* suppressing some useless log messages and banners in unit tests

* some more log suppressed
 2020-01-25 12:11:45 +01:00
Nanne Baars
5dd6b31905 Adjust lesson template (#704) 
* Remove method `getId()` from all lessons as it defaults to the class name

* remove clean up endpoint

* remove unused class `RequestParameter`

* remove unused class `PluginLoadingFailure`

* Move `CourseConfiguration` to lesson package

* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat

* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`

* Put original solution back as well for SQL string injection

* review comments

* Add
 2019-11-17 13:39:56 +01:00
Nanne Baars
f40b6ffd31 Moving back to snapshot 2019-11-13 12:27:26 +01:00
Nanne Baars
fe2ac1b8d4 New release, updating pom.xml 2019-11-12 09:22:45 +01:00
Nanne Baars
1a83e2825e Code style (#696) 
* Remove Guava dependency from WebGoat

* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
 2019-11-03 18:11:09 +01:00
Nanne Baars
d73875e8e8 Remove empty line 2019-10-30 08:28:14 +01:00
Rene Zubcevic
8d7142e6d3 upgrade ascii doc with support for link in new tab 2019-10-15 13:55:34 +02:00
René Zubcevic
0319c477b1
XSS lesson completion fixes (#669) 
* XSS lesson completion fixes

* removed log all

* lesson progress capable of deprecated assignments in the database

* fixed unit test for lesson progress
 2019-09-29 14:46:18 +02:00
Nanne Baars
e8d086ac9b All successful 2019-09-20 07:59:04 +02:00
Nanne Baars
82ad0a7cc7 Finally working 2019-09-18 17:53:43 +02:00
Nanne Baars
f774364461 Working unit tests 2019-09-13 20:05:25 +02:00
Jacob Skiba
7d9f24c86b
Update CrossSiteScripting_content9.adoc 
Fix broken resource link
 2019-08-06 05:26:05 -04:00
Nanne Baars
216b29fca2 Clean up in pom files 2019-07-24 20:37:32 +02:00
Nanne Baars
98537426f2 SNAPSHOT version 2019-05-03 11:15:11 +02:00
Nanne Baars
9b0c4e62c2 New release, updating pom.xml 2019-05-03 09:50:01 +02:00
Rene Zubcevic
4bafc19883 fixed classcast exception on randValue 2019-04-21 13:59:26 +02:00
Rene Zubcevic
48d926491f removed possible NullpointerException and System.out 2019-04-21 13:59:26 +02:00
Marvin Schöning
b8e68d13b8 implement xss (mitigation) assignment 6 2019-03-26 08:43:38 +01:00
Timur Linden
53c16c8b82 fixed minor spelling mistakes, unified wording 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
2be2de8ce1 Added improved quiz for cia-triad and xss 2019-03-26 08:43:38 +01:00
Timur Linden
e8caeedf53 implemented xss-quiz 2019-03-26 08:43:38 +01:00
PhilippeSteinbach
84f67b5a7e changed order of xss mitigation lesson 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
8c7eaf87d6 Fixed package of xss-mititgation assignment. Hints are working again. 2019-03-26 08:43:38 +01:00
Benedikt - Desktop
587c44b52e Removed unused imports. 2019-03-26 08:43:38 +01:00