1d2575a211
Allow - in usernames because CSRF lesson requires username starting with prefix crsf- #476
2018-06-13 11:38:33 +02:00
56fc983414
Update database layout so that proposed solution works
2018-06-12 17:40:28 +02:00
bae3e75ae2
Fix minor issues in hint view
2018-06-12 11:02:16 +02:00
89f6a73275
Fix next page button when url doesn't end with page number
2018-06-07 19:07:58 +02:00
1734170e9e
updates to missing function ac lesson
2018-06-04 16:53:13 -06:00
26aa72e721
New release
2018-05-30 20:54:13 +02:00
c510bd9bf1
New develop version
2018-05-30 20:37:25 +02:00
c7a714a590
Move to next release
2018-05-30 17:05:50 +02:00
ecb7688e08
Update to new version for develop
...
Move WebWolf to port 9090 easier since most of the time something is running on 8081
Add scripts for easy building Docker files etc
2018-05-30 13:17:05 +02:00
fc2c99bcb4
Limit the username to letters and digits only
2018-05-29 16:16:52 +02:00
55793dd153
New release v8.0.0.M15
2018-05-27 20:54:50 +02:00
f8a7a61e85
New lesson working
2018-05-26 15:09:18 +02:00
dda6f674a3
Last assignment for JWT tokens finished
2018-05-23 14:28:19 +02:00
60ef35e241
Working lesson
2018-05-23 14:28:19 +02:00
9d7886d572
More JWT work
2018-05-23 14:28:19 +02:00
ea9c1a453d
Initial version for JWT
2018-05-23 14:28:19 +02:00
84860e65f6
Insecure Deserialization exercise
2018-05-23 13:58:03 +02:00
a73bf58d36
more hintview patching
2018-05-23 13:35:51 +02:00
0ff6000511
wiring jqueryui to vuln jquery #368
2018-05-23 13:35:51 +02:00
91d9db5f80
work-arounds, fixes for page initialization and some clean-up
2018-05-23 13:35:51 +02:00
6a5ca43e7e
Strip out slash-escaped JSON sequence received in client.
...
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
2018-05-02 22:21:22 +02:00
9aa674e326
stringfy object so it's visible in the console
2018-05-02 22:04:25 +02:00
6b4a488c8c
Users shared now between WebGoat and WebWolf by starting HSQLDB
...
as standalone database
2018-05-01 22:00:07 +02:00
8050a2b56d
XXE lesson not showing correct link for WebWolf
2018-05-01 21:54:28 +02:00
11ffa5702c
Added "WebWolf" enabled to the lessons which support the usage of WebWolf
2018-04-29 15:02:19 +02:00
8b8a89a8ab
Add extra informational message when a failure occurs while sending an email from WebGoat to WebWolf.
2018-04-28 16:01:57 +02:00
e4ca0c4836
Make report working again
2018-04-27 19:26:01 +02:00
e422da4c64
Polling for lesson updates (updates the menu and page navigation)
2018-04-27 18:50:13 +02:00
245ba2c3d1
Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson.
2018-04-24 20:44:05 +02:00
672d78eebc
Resource bundle in UTF-8
2018-04-23 16:12:50 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
98efc1235f
By default binds to ALL network interfaces #431
2018-01-29 15:32:02 +01:00
b99b554522
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
2018-01-29 15:29:48 +01:00
04ccf9a422
New release should create a new webgoat directory with version tag inside #423
2018-01-21 17:46:43 +01:00
ee11381a63
Fixed database issue mappings
2018-01-21 17:13:28 +01:00
2cc6c232e2
Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration
2018-01-15 20:56:59 +01:00
a6b9235711
SQL Error '-104' in XSS Lesson Page 7 #416
2018-01-10 12:48:45 +01:00
a9ac00a075
Clean up
2018-01-08 23:42:36 +01:00
05d8b590f3
Merge tag '8.0.0' into develop
...
Release 8.0.0
2017-12-30 16:52:24 +01:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
dd7f4074cd
Added encoding for asciidoc
2017-12-28 00:16:16 +01:00
43b82027f5
Added more content for CSRF lesson
2017-11-22 01:34:05 +01:00
5eed385d5d
When an adoc file cannot be found the complete lesson crashed, made it failsafe with a logging statement.
2017-11-17 07:08:24 +01:00
157b982394
successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function.
2017-11-17 07:06:56 +01:00
6c91e7dc8a
Fixed WebWolf issues with sending e-mails
2017-11-15 11:58:31 +01:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
fc1353b2f1
Pom cleanup
2017-11-02 16:14:44 +01:00
1e9f92220d
Removed unnecessary JPA libraries
2017-11-02 15:44:45 +01:00
a11d3d0b1b
- Made movie little bit shorter because webgoat-server.jar was over 200Mb
...
- Movie was copy and pasted to csrf and auth lesson removed it from those lessons
- Made jars which are not necessary in the webgoat-server.jar optional
2017-11-02 15:39:49 +01:00
8729d9bfcf
Fixed minor issues for properties and starting WebGoat
2017-11-02 12:42:19 +01:00
