0982bd982c
Review comments processed:
...
- Ports can now be changed
- User is now a default user making it easier to login and look around after a failure
2019-09-08 18:52:12 +02:00
75a174ff7b
Fixed description and grammer
2019-09-06 21:12:55 -04:00
2283f945a9
Fix failing configuration
2019-08-25 17:53:36 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
139651615e
Make lesson csrf-7 stricter (do not allow invalid JSON, e.g. trailing =)
2019-08-22 17:44:52 +02:00
924a53c22a
fixed sql adv 5 progress and added prove in integration test
2019-08-22 17:44:34 +02:00
c93563da3f
Merge pull request #643 from TortugaAttack/multipleTracker45
...
Fixed #642 - multiple tracker for one user fixed
2019-08-22 15:07:59 +02:00
73553d91d3
Merge pull request #639 from jskiba99/patch-2
...
Update CrossSiteScripting_content9.adoc
2019-08-22 11:14:38 +02:00
f0d1555a09
Fixed #45 - multiple tracker for one user fixed
2019-08-21 23:38:27 +02:00
6d36e7db74
Added new endpoint for POST so it will give feedback to the UI. It now
...
ended up in a HTTP/405 which does not give any feedback to the UI
2019-08-17 13:52:59 +02:00
e01c2a35ce
Add test case for security question assignment and the tracking is now
...
done with a session scoped bean
2019-08-06 19:04:07 +02:00
7d9f24c86b
Update CrossSiteScripting_content9.adoc
...
Fix broken resource link
2019-08-06 05:26:05 -04:00
18eee4df58
Fix for issue with timestamp not being parsed when sending to WebWolf
...
timestamp was already fixed at LocalDateTime.now() however WebGoat still
send the timestamp along, removed it
2019-07-28 20:50:19 +02:00
e61c943f97
#601 bug: username is case sensitive, but email in general is not
...
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
2019-07-28 20:48:20 +02:00
d2e23f6b8e
reduce logging
2019-07-25 20:17:52 +02:00
ffbc808e26
Integration test support
2019-07-25 20:17:52 +02:00
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes
...
increased sql form fields and fixed chrome progress
2019-07-25 08:39:34 +02:00
33c73a7dca
Adding new developer
2019-07-24 20:37:32 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
ee0988effe
Merge pull request #627 from WebGoat/gh-jwhite-patch-1
...
Delete do-not-merge.md
2019-07-23 14:19:26 -06:00
67440a6cc8
Delete do-not-merge.md
...
removing earlier test file
2019-07-23 14:18:51 -06:00
6c8921a951
Merge pull request #625 from WebGoat/another-ci-fail-test
...
Create do-not-merge.md
2019-07-23 11:41:35 -06:00
b395be9bd0
Create do-not-merge.md
...
testing a status check/branch protection thing
2019-07-23 10:38:25 -06:00
7ad3996f2f
fix 6a6b page
2019-07-22 15:36:31 +02:00
b65644edee
progress fix for SqlInjectionMitigations
2019-07-22 12:16:18 +02:00
ea38973068
UTF-8 config added for ThymeLeaf
2019-07-22 08:21:34 +02:00
7d0a63ac95
small html changes to improve progress
2019-07-20 09:34:27 +02:00
f9e78739f3
reverted mandatory file encoding which will make it worse on windows
2019-07-20 09:13:21 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
99435a1073
increased sql form fields and fixed chrome progress
2019-07-19 12:16:06 +02:00
9471e53818
Fix image names for google chrome dev tools lesson
2019-07-14 12:40:05 +02:00
d814522223
Fix test for HTTP proxy lesson
2019-07-14 12:39:07 +02:00
2eaf263e81
Improve task description for HTTP proxy lesson
2019-07-14 12:39:07 +02:00
41f252970b
corrected path in pom
2019-07-14 12:38:11 +02:00
63a1097466
owasp categories
2019-07-14 12:38:11 +02:00
bc0d803123
add login&pwd in JDBC url for PostgreSQL
...
I really don't know why exactly spring parameters are not used here,
probably for schema creation step. Until changing what the application does on startup
this will make it 'just work' without extra changes.
2019-07-14 12:29:51 +02:00
12de48ebbb
additional environment entries to support https on webgoat
2019-07-14 12:18:07 +02:00
62fbd6d340
Merge pull request #610 from johannesegger/patch-1
...
Fix typo in CIA lesson
2019-07-12 17:21:46 -06:00
e36b4c3910
Merge pull request #618 from matthias-g/csrf-3-post
...
Do not allow trivial solution to CSRF-3
2019-07-12 17:16:23 -06:00
97f66545e0
In CSRF-3 use POST instead of GET to prevent solving the assignment just by opening the URL in a new tab
2019-07-12 17:25:58 +02:00
27125acd22
Fix issue with maven wrapper using TLS 1.2 as it no longer is supported
2019-07-09 20:19:54 +02:00
1aa98be908
Fix issue with maven wrapper using TLS 1.2 as it no longer is supported
2019-07-09 20:18:54 +02:00
cb667094f2
update jar plugin version
2019-07-09 19:11:52 +02:00
703b6c676e
Fix typo
2019-06-14 15:09:55 +02:00
00deb66ad9
Small update for password reset lesson
2019-05-09 09:17:11 +02:00
2a5e8dfdac
Add missing step necessary to finish the release
2019-05-03 11:20:53 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
529e8d73e1
Merge tag 'v8.0.0.M25' into develop
...
New release
2019-05-03 09:57:22 +02:00
d8d32c60cb
Merge branch 'release/v8.0.0.M25'
2019-05-03 09:57:12 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
