6c92f0629e
Fix #213 by changing the id of the restart button to the correct it
2016-03-18 21:11:49 +01:00
7a7fb088ad
#173 Added the URL for WebGoat to the console output
2016-03-18 14:38:49 +01:00
bc6b040f42
Injection Flaws | XPath Injection date file path issue #184
...
- Enabled the lesson again because lesson has been fixed
2016-03-18 13:39:18 +01:00
50c4d9c170
Removed duplicate entry
2016-03-18 13:17:10 +01:00
5d393d1d65
Merge pull request #207 from span/weak-auth-cookie-enable
...
Enable weak authentication cookie lesson
2016-02-25 22:07:46 +01:00
f5a5335e31
Merge pull request #205 from muzir/develop
...
-- Remove raw type usage, add type check parameter.
2016-02-25 22:06:24 +01:00
a9a7c18592
Enable weak authentication cookie lesson if webgoat/webgoat#181 is not reproducible
2016-02-24 15:23:03 +01:00
25f08ea9b4
-- Remove raw type usage, add type check parameter.
...
-- Remove unused variable and unused imports.
2016-02-23 15:15:47 +02:00
575c940655
#180 , clean up
2016-02-18 21:26:32 -05:00
7c65441c8e
#180 , better management of show* buttons
2016-02-18 19:44:12 -05:00
daa05dd192
Seems locale should not depend of request's Accept-Language header.
...
Signed-off-by: Nanne Baars <nbaars@xebia.com >
2016-02-12 23:42:21 +01:00
dbb75980c9
Merge pull request #197 from span/htmlencoder
...
Fixes #195 by adding static initialisation of the maps
2016-02-12 13:02:41 -05:00
77c4a04d3d
Fixes #195 by adding static initialisation of the maps rather then using the constructor
2016-02-04 23:27:31 +01:00
59549e3b21
Add stage parameter in the session to keep track of current stage so that we do not reset the stage and recreate the database in the middle of a lesson. To do this a small refactor of WebSession was made which simply extracts some methods from the previously large update method. Ref #176 .
2016-02-04 23:21:12 +01:00
370c34b7da
Disable cross-site scripting lab
2016-02-01 21:47:28 +01:00
6320c2d22d
Fixining all the javadoc issues preventing the release
...
In order to perfom a Sonatype OSS release, all the javadocs must pe corretly and completely parsed in order to pass the release requirement.
This comment is only adding "comments' pertaining to javadoc. NO CODE HAS BEEN CHANGED
Signed-off-by: Doug Morato <dm@corp.io >
2016-01-31 23:14:50 -05:00
416fda799b
issue #147 disabling broken lessons
2016-01-30 13:45:26 -05:00
76fa797857
#167 removing refrences to github.io in code
2016-01-18 06:42:05 -05:00
07f0cea0a0
#165 cleaning up interim code
2016-01-14 09:03:43 -05:00
b3541231bc
#165 provide default and ability to override in lesson
2016-01-14 09:01:47 -05:00
e1be080eea
Forced browsing lesson does not show success #143
2016-01-06 18:47:59 +02:00
23a1f9e38e
Removed obsolete classes
2015-12-08 22:58:33 +01:00
5dfd1c44e9
Moving lesson utilities to common project instead of AbstractLesson
2015-12-03 22:52:11 +01:00
539985c59e
#45 finally won't see two 'Stored XSS lessons hightlighted
2015-12-02 15:08:32 -05:00
0628a27b34
clean up
2015-12-02 15:06:10 -05:00
d4af09c72a
#133 hiding hint on change of lesson/loesson load
2015-12-02 14:05:22 -05:00
ea1d852cda
Convert the message number parameter into the MVC route part. Correct the result of the restart lesson button.
2015-11-07 05:43:40 -05:00
de71f2700e
Let user-composed (CSRF) attacks send one-request actions, as opposed to the address bar MVC links requesting lessons. The lesson display servlets have javascript that requests data and actions.
2015-11-07 05:43:31 -05:00
4a43a5572e
Unregister JDBC drivers, Fixes #134
...
Upon calling the maven tomcat7:shutdown goal, a severe error message was thrown because of not unloading the JDBC drivers.
Signed-off-by: Doug Morato <dm@corp.io >
2015-10-26 18:23:27 -04:00
789a57e792
SEVERE: The web application [/WebGoat] appears to have started a thread named [pool-7-thread-5] but has failed to stop it. This is very likely to create a memory leak #124
2015-10-26 21:38:30 +01:00
44d944bceb
Merge pull request #129 from dougmorato/master
...
Maven-tomcat plugin fix and correct typo on JS file
2015-10-26 10:09:16 -04:00
94ae466dbd
Cannot serialize session attribute #123
2015-10-26 07:52:26 +01:00
345e3cc7cb
Fix typo on JS file
...
Signed-off-by: Doug Morato <dm@corp.io >
2015-10-25 22:53:56 -04:00
ab29afec3c
code cleanup
2015-10-24 13:15:14 -05:00
fc2360b49b
#41 ... one more
2015-10-24 13:12:44 -05:00
e3df816fb9
#41 omitted on earlier commit
2015-10-24 13:10:43 -05:00
45db051f30
removing redundant line, adding hasPlan to special challenge case handling
2015-10-24 11:45:49 -05:00
d52dfe87c4
Merge remote-tracking branch 'upstream/master'
2015-10-24 09:12:02 -05:00
3c1336a033
#41 : spinner implemented for menu loading
2015-10-23 15:15:57 -05:00
060b0cd8fa
Logging in sometimes goes to report card and misses category-menu #114
2015-10-23 06:54:14 +02:00
648bd3bb95
code cleanup
2015-10-22 16:55:18 -05:00
c1e836360f
Fix #81 to activate close button in the modal footer
2015-10-22 22:14:09 +02:00
325b964559
Fix #112 deployment descriptor elements in wrong order and off white spacing
2015-10-21 21:57:35 +02:00
28ea340307
#103 : removing ace directory, not in use
2015-10-21 11:11:43 -04:00
e1829e209c
Implemented lesson information which gives a mapping between the menu and the actual WebGoat-Lessons project.
2015-10-04 11:56:12 +02:00
a6a1b32939
Removed credits from lessons
2015-10-03 18:21:54 +02:00
487bc71df1
Moved the logic to the plugin loader which makes the context listener obsolete
2015-09-30 23:08:10 +02:00
219b38315b
Make sure WEB-INF/lib dir is available
2015-09-30 19:10:33 +02:00
6a00d66f8b
Plugins are now reloaded
2015-09-29 21:41:36 +02:00
33d251a147
Fixed goathills lesson with JSP now load correctly again(2)
2015-09-29 20:39:09 +02:00
