33e807797c
Xstream RCE works now
2017-02-07 23:51:05 -05:00
a00546638a
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-02-07 16:06:45 -05:00
b4159385c1
Vulnerable components draft, fixed missing properties in httpbasics when user input was empty
2017-02-07 16:05:30 -05:00
4664669ff2
cleaning up, fixing selected lesson class/es
2017-02-07 18:13:27 +01:00
85ef7ee1a4
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-02-06 09:19:29 -05:00
ae82df3fb4
Fixed issue with loading messages in different language. As a standalone jar you can write properties back to messages.properties, this approach worked when you run with exploded classpath (target/classes etc). However failed when running inside Docker container.
2017-02-05 21:54:07 +01:00
d25700434e
Added tests for assignments
2017-01-31 23:28:59 +01:00
21659ac298
Add Thymeleaf th:href usage instead of pageContext.request.contextPath ( #323 )
...
* Add Thymeleaf th:href usage instead of pageContext.request.contextPath
* Add Thymeleaf th:href usage instead of pageContext.request.contextPath
2017-01-31 12:01:41 -05:00
ee5a12d205
Provide Server-side service to support UI localization #265 ( #322 )
...
merging
2017-01-31 11:52:33 -05:00
fbd37b39bd
Merge branch 'develop' of https://github.com/WebGoat/WebGoat into develop
2017-01-28 11:05:16 -05:00
30bdc89164
Adding Vulnerable Components Category
2017-01-28 11:01:05 -05:00
a0451eeb3a
Adding 'sorted' to lambda/stream
2017-01-27 15:41:46 -05:00
74dd74d4cc
formatting update
2017-01-27 15:40:57 -05:00
f3884fe605
#318 providing support for multiple jQuery versions and exposing it via webgoat.customjs namespace
2017-01-27 15:31:23 -05:00
693d791075
bumping jquery version to support A-9 lesson
2017-01-26 16:46:05 -05:00
ac16342c17
#315 Adding UI handling and corresponding expected elements for html files for decoration. Inlucdes minor refactor
2017-01-25 17:46:31 +01:00
0779f7a3d0
Hints per lesson ( #314 )
...
Squashing and merging ...
* Each assigment should have the options to have its own set of hints #278
* Updating lessons due to changes from #278
* Enable i18n client side #312
* IDOR move hints to assignment and enable i18n #312
2017-01-24 09:34:06 -05:00
9485362309
Getting current release running is hard and obscure #308
...
- README.md for develop only contains 8.0 information (removed legacy information etc)
- Docker image now contains tag for version 8.0
2017-01-15 22:13:05 +01:00
ee0d34e2ea
Merge pull request #310 from misfir3/develop
...
turning off HttpOnly
2017-01-15 18:44:52 +01:00
badbabd439
Fixing can't login to webgoat #307
2017-01-15 16:28:19 +01:00
b970fe37fa
turning off HttpOnly
2017-01-12 17:25:51 -05:00
f8b39d7d8c
#303 Clear current form on successful submission
2017-01-10 15:23:43 -05:00
3274ff7a93
properly scoping data submiission in onFormSubmit
2017-01-10 15:23:43 -05:00
ad3599f6af
Merge pull request #306 from zupzup/issue_302_double_calls_on_submit
...
Issue #302 : Fix redundant calls to lessonoverview.mvc and lessonmenu.…
2017-01-09 15:00:55 -05:00
2688c8ee77
removing debug statement
2017-01-09 14:04:48 -05:00
40f1d58796
Issue #302 : Fix redundant calls to lessonoverview.mvc and lessonmenu.mvc on submission
2017-01-07 15:46:19 +01:00
c2988eb771
#305 - update to use generic Object in map
2017-01-06 13:01:55 -05:00
4c5e58d1a1
minor style updates
2017-01-06 08:08:22 -05:00
00eeae911d
#305 UserSessionData bean to provide stateful session data
2017-01-05 17:28:53 -05:00
dcab7d8abd
Lesson overview simplification moving template to separate file.
2017-01-01 21:06:00 +01:00
e2cb9ceae0
#277 Re-institute admin functionality for WebGoat 8
...
- Report card functionality is back
2016-12-31 18:27:20 +01:00
9c03b6f63b
#276 Automatic lesson summary page
...
- Basic overview of all the assignments needed to be solved in a lesson
- Clicking on a link will jump to the correct page with the assignment
- Lesson completed also updates lesson overview immediately
2016-12-28 10:14:34 +01:00
282073ed2d
Adding ZAP content for HTTP Basics
2016-12-22 16:37:57 -05:00
35055eeb3c
#296 updates href according to to page nav
2016-12-22 15:08:33 -05:00
4392150561
Merge branch 'develop' into feature/asciidoc_syntax_highlight
2016-12-16 16:44:42 +01:00
6fa894938b
Issue #275 : Activate Syntax Highlighting with Coderay in Asciidoc templates
2016-12-15 17:37:30 +01:00
81e3000f2d
Issue #293 : fix images in asciidoc by setting backend to xhtml
2016-12-11 20:05:28 +01:00
b8b632905d
Fixing failing unit test
2016-12-08 22:06:21 +01:00
3ab86d69ca
temporary commenting out test additions that were breaking build/run
2016-12-07 08:46:13 -05:00
16e5df09b5
Fix wrong comment
2016-12-02 13:51:46 +01:00
feb38eef8c
Issue #160 : Provide Async Error Handling
...
Added Toast notification for unexpected errors
On 401 and 403 Errors, user is redirected to login
2016-12-02 13:37:25 +01:00
e5ed24fcf7
Added testcase for LabelService
2016-11-29 21:27:11 +01:00
5f0ab09866
Added license
2016-11-29 20:31:28 +01:00
1a854a500e
Lesson overview
2016-11-29 20:27:54 +01:00
df29b36389
Merge pull request #289 from zupzup/feature/labelservice
...
Issue #265 : Created LabelService to support UI localization
2016-11-29 12:57:53 -05:00
e183c8d8b3
implementing support for dom xss
2016-11-23 17:25:47 -05:00
2b0b49c0c2
Remove unused import
2016-11-23 15:36:02 +01:00
0aa9c29256
adding direct to page navigation route
2016-11-23 09:32:06 -05:00
6acd149e5f
Issue #265 : Created LabelService to support UI localization
2016-11-23 14:20:43 +01:00
4940a12d0d
button size fix
2016-11-22 16:25:19 -05:00
