6a5ca43e7e
Strip out slash-escaped JSON sequence received in client.
...
The server will slash-escape some JSON related characters before sending. Need to strip them out before using, on the client side.
2018-05-02 22:21:22 +02:00
9aa674e326
stringfy object so it's visible in the console
2018-05-02 22:04:25 +02:00
6b4a488c8c
Users shared now between WebGoat and WebWolf by starting HSQLDB
...
as standalone database
2018-05-01 22:00:07 +02:00
8050a2b56d
XXE lesson not showing correct link for WebWolf
2018-05-01 21:54:28 +02:00
11ffa5702c
Added "WebWolf" enabled to the lessons which support the usage of WebWolf
2018-04-29 15:02:19 +02:00
8b8a89a8ab
Add extra informational message when a failure occurs while sending an email from WebGoat to WebWolf.
2018-04-28 16:01:57 +02:00
e4ca0c4836
Make report working again
2018-04-27 19:26:01 +02:00
e422da4c64
Polling for lesson updates (updates the menu and page navigation)
2018-04-27 18:50:13 +02:00
245ba2c3d1
Fix XXE lesson, the exact .webgoat directory including version number will be put in the lesson.
2018-04-24 20:44:05 +02:00
672d78eebc
Resource bundle in UTF-8
2018-04-23 16:12:50 +02:00
f30db3abfc
New version number
2018-04-11 20:45:12 +02:00
98efc1235f
By default binds to ALL network interfaces #431
2018-01-29 15:32:02 +01:00
b99b554522
Version: docker 8.0.0.M9 Multiple users can't finalize the same lesson #432
2018-01-29 15:29:48 +01:00
04ccf9a422
New release should create a new webgoat directory with version tag inside #423
2018-01-21 17:46:43 +01:00
ee11381a63
Fixed database issue mappings
2018-01-21 17:13:28 +01:00
2cc6c232e2
Added macro for asciidoc to produce the WebWolf link dynamically depending on configuration
2018-01-15 20:56:59 +01:00
a6b9235711
SQL Error '-104' in XSS Lesson Page 7 #416
2018-01-10 12:48:45 +01:00
a9ac00a075
Clean up
2018-01-08 23:42:36 +01:00
05d8b590f3
Merge tag '8.0.0' into develop
...
Release 8.0.0
2017-12-30 16:52:24 +01:00
c6e86861fe
Removed Mongodb, so we do not have issues with downloading the embedded Mongodb. Moved back to JPA and use HSQLDB for storing user information.
2017-12-29 22:12:21 +01:00
dd7f4074cd
Added encoding for asciidoc
2017-12-28 00:16:16 +01:00
43b82027f5
Added more content for CSRF lesson
2017-11-22 01:34:05 +01:00
5eed385d5d
When an adoc file cannot be found the complete lesson crashed, made it failsafe with a logging statement.
2017-11-17 07:08:24 +01:00
157b982394
successFunction and failureFunction were selected by using the main form (so the succesFunction of the first assignment was used for the next assignment) not the currentForm we determined in onFormSubmit() function.
2017-11-17 07:06:56 +01:00
6c91e7dc8a
Fixed WebWolf issues with sending e-mails
2017-11-15 11:58:31 +01:00
f91f77708a
New version
2017-11-02 21:44:30 +01:00
fc1353b2f1
Pom cleanup
2017-11-02 16:14:44 +01:00
1e9f92220d
Removed unnecessary JPA libraries
2017-11-02 15:44:45 +01:00
a11d3d0b1b
- Made movie little bit shorter because webgoat-server.jar was over 200Mb
...
- Movie was copy and pasted to csrf and auth lesson removed it from those lessons
- Made jars which are not necessary in the webgoat-server.jar optional
2017-11-02 15:39:49 +01:00
8729d9bfcf
Fixed minor issues for properties and starting WebGoat
2017-11-02 12:42:19 +01:00
24cf806787
more hints/helps cleanup
2017-10-25 18:05:08 -06:00
c6f1c5cd2a
#351 - using listenToOnce to get rid of redundant calls
2017-10-25 17:11:54 -06:00
1ecb43092d
Bumped version number
2017-10-18 19:58:14 +02:00
8250b4048f
Updating version number
2017-10-18 19:43:33 +02:00
3ee1a1ca16
Travis now builds Docker and create a Github release.
...
Removed ActiveMQ between WebGoat and WebWolf they now act as standalone applications
2017-10-18 10:54:16 +02:00
d0ec84e9a6
Merge remote-tracking branch 'upstream/develop' into develop
2017-10-11 20:29:47 -06:00
b156d81535
Initial cut on CSRF. More to come
2017-10-11 20:06:57 -06:00
5033c3661a
Cleaning up test case logging
2017-10-08 02:07:22 +02:00
6cb526aa43
Maven build generates too much output for Travis CI
2017-10-08 01:58:03 +02:00
8a982dedb5
Updated XXE lesson so it also uses WebWolf
2017-10-07 13:46:34 +02:00
46c536554c
- Added new challenges
...
- Added new webapplication called WebWolf to make attacks more realistic
- Added WebWolf lesson to explain the concepts behind this new application
2017-09-12 23:12:10 +02:00
b41751a55c
missing function level ac working again ... after VM implosion
2017-08-08 17:15:20 -06:00
8df1d53471
interim missing function ac commit, traversing dev. env.
2017-08-08 09:28:09 -06:00
06bf690a3a
Merge remote-tracking branch 'upstream/develop' into develop
2017-08-02 19:12:29 -04:00
49621c637f
Upgraded to latest in memory MongoDB (due to download link no longer working)
2017-07-26 05:07:15 +02:00
f1a104f0ab
merging missing function-level-ac lesson
2017-07-25 09:44:10 -04:00
8186bd4766
css and xss updates
2017-07-24 18:05:57 -04:00
c44186f986
start of missing function ac lesson
2017-07-24 16:26:23 -04:00
ca4b0c06b5
lesson css file
2017-07-24 11:34:10 -04:00
dce962bdeb
Updating Category ordering, closer to T10
2017-07-19 15:54:50 -04:00
