5e6f825e64 
					 
					
						
						
							
							WIP  
						
						
						
						
					 
					
						2019-09-13 16:42:13 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						361249c666 
					 
					
						
						
							
							First attempt at moving to Spring Boot 2  
						
						
						
						
					 
					
						2019-09-12 17:22:03 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						fb2e11fe11 
					 
					
						
						
							
							fix for complete progress of sql mitigations and integration test  
						
						
						
						
					 
					
						2019-09-10 13:58:58 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						a56f41e0ea 
					 
					
						
						
							
							Merge branch 'pr/579' into develop  
						
						
						
						
					 
					
						2019-09-10 13:55:43 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						43c25dc3bb 
					 
					
						
						
							
							Modified PR to reflect coding style  
						
						
						
						
					 
					
						2019-09-10 13:53:30 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6e9a52a05e 
					 
					
						
						
							
							Merge pull request  #647  from WebGoat/separate_project  
						
						... 
						
						
						
						Nice work. I will add some tests for the missing parts in the SQL mitigations (in a separate pull request) 
						
						
					 
					
						2019-09-09 14:05:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f7c8a271aa 
					 
					
						
						
							
							Fixed small typos  
						
						
						
						
					 
					
						2019-09-09 13:55:24 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7a4f6e6fd3 
					 
					
						
						
							
							Merge branch 'JeffreyWagnerBHN-develop' into develop  
						
						
						
						
					 
					
						2019-09-09 13:54:38 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						aec051a9f1 
					 
					
						
						
							
							Fixed minor spelling mistake  
						
						
						
						
					 
					
						2019-09-09 13:41:38 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bf52e7a992 
					 
					
						
						
							
							Fixed checking of server already running  
						
						
						
						
					 
					
						2019-09-09 11:37:26 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						0982bd982c 
					 
					
						
						
							
							Review comments processed:  
						
						... 
						
						
						
						- Ports can now be changed
- User is now a default user making it easier to login and look around after a failure 
						
						
					 
					
						2019-09-08 18:52:12 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						75a174ff7b 
					 
					
						
						
							
							Fixed description and grammer  
						
						
						
						
					 
					
						2019-09-06 21:12:55 -04:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2283f945a9 
					 
					
						
						
							
							Fix failing configuration  
						
						
						
						
					 
					
						2019-08-25 17:53:36 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ff530e926e 
					 
					
						
						
							
							Use separate project for integration tests so we can start WebGoat and WebWolf  
						
						
						
						
					 
					
						2019-08-25 17:43:14 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						139651615e 
					 
					
						
						
							
							Make lesson csrf-7 stricter (do not allow invalid JSON, e.g. trailing =)  
						
						
						
						
					 
					
						2019-08-22 17:44:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						924a53c22a 
					 
					
						
						
							
							fixed sql adv 5 progress and added prove in integration test  
						
						
						
						
					 
					
						2019-08-22 17:44:34 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						c93563da3f 
					 
					
						
						
							
							Merge pull request  #643  from TortugaAttack/multipleTracker45  
						
						... 
						
						
						
						Fixed  #642  - multiple tracker for one user fixed 
					
						2019-08-22 15:07:59 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						73553d91d3 
					 
					
						
						
							
							Merge pull request  #639  from jskiba99/patch-2  
						
						... 
						
						
						
						Update CrossSiteScripting_content9.adoc 
						
						
					 
					
						2019-08-22 11:14:38 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f0d1555a09 
					 
					
						
						
							
							Fixed   #45  - multiple tracker for one user fixed  
						
						
						
						
					 
					
						2019-08-21 23:38:27 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6d36e7db74 
					 
					
						
						
							
							Added new endpoint for POST so it will give feedback to the UI. It now  
						
						... 
						
						
						
						ended up in a HTTP/405 which does not give any feedback to the UI 
						
						
					 
					
						2019-08-17 13:52:59 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e01c2a35ce 
					 
					
						
						
							
							Add test case for security question assignment and the tracking is now  
						
						... 
						
						
						
						done with a session scoped bean 
						
						
					 
					
						2019-08-06 19:04:07 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7d9f24c86b 
					 
					
						
						
							
							Update CrossSiteScripting_content9.adoc  
						
						... 
						
						
						
						Fix broken resource link 
						
						
					 
					
						2019-08-06 05:26:05 -04:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						18eee4df58 
					 
					
						
						
							
							Fix for issue with timestamp not being parsed when sending to WebWolf  
						
						... 
						
						
						
						timestamp was already fixed at LocalDateTime.now() however WebGoat still
send the timestamp along, removed it 
						
						
					 
					
						2019-07-28 20:50:19 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e61c943f97 
					 
					
						
						
							
							#601  bug: username is case sensitive, but email in general is not  
						
						... 
						
						
						
						Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat 
						
						
					 
					
						2019-07-28 20:48:20 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d2e23f6b8e 
					 
					
						
						
							
							reduce logging  
						
						
						
						
					 
					
						2019-07-25 20:17:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ffbc808e26 
					 
					
						
						
							
							Integration test support  
						
						
						
						
					 
					
						2019-07-25 20:17:52 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ae674b9297 
					 
					
						
						
							
							Merge pull request  #620  from zubcevic/july2019-bugfixes  
						
						... 
						
						
						
						increased sql form fields and fixed chrome progress 
						
						
					 
					
						2019-07-25 08:39:34 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						33c73a7dca 
					 
					
						
						
							
							Adding new developer  
						
						
						
						
					 
					
						2019-07-24 20:37:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						216b29fca2 
					 
					
						
						
							
							Clean up in pom files  
						
						
						
						
					 
					
						2019-07-24 20:37:32 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ee0988effe 
					 
					
						
						
							
							Merge pull request  #627  from WebGoat/gh-jwhite-patch-1  
						
						... 
						
						
						
						Delete do-not-merge.md 
						
						
					 
					
						2019-07-23 14:19:26 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						67440a6cc8 
					 
					
						
						
							
							Delete do-not-merge.md  
						
						... 
						
						
						
						removing earlier test file 
						
						
					 
					
						2019-07-23 14:18:51 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						6c8921a951 
					 
					
						
						
							
							Merge pull request  #625  from WebGoat/another-ci-fail-test  
						
						... 
						
						
						
						Create do-not-merge.md 
						
						
					 
					
						2019-07-23 11:41:35 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b395be9bd0 
					 
					
						
						
							
							Create do-not-merge.md  
						
						... 
						
						
						
						testing a status check/branch protection thing 
						
						
					 
					
						2019-07-23 10:38:25 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7ad3996f2f 
					 
					
						
						
							
							fix 6a6b page  
						
						
						
						
					 
					
						2019-07-22 15:36:31 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						b65644edee 
					 
					
						
						
							
							progress fix for SqlInjectionMitigations  
						
						
						
						
					 
					
						2019-07-22 12:16:18 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						ea38973068 
					 
					
						
						
							
							UTF-8 config added for ThymeLeaf  
						
						
						
						
					 
					
						2019-07-22 08:21:34 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						7d0a63ac95 
					 
					
						
						
							
							small html changes to improve progress  
						
						
						
						
					 
					
						2019-07-20 09:34:27 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						f9e78739f3 
					 
					
						
						
							
							reverted mandatory file encoding which will make it worse on windows  
						
						
						
						
					 
					
						2019-07-20 09:13:21 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						656fa40182 
					 
					
						
						
							
							style sheet and advanced sql  
						
						
						
						
					 
					
						2019-07-19 16:49:30 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						99435a1073 
					 
					
						
						
							
							increased sql form fields and fixed chrome progress  
						
						
						
						
					 
					
						2019-07-19 12:16:06 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						9471e53818 
					 
					
						
						
							
							Fix image names for google chrome dev tools lesson  
						
						
						
						
					 
					
						2019-07-14 12:40:05 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						d814522223 
					 
					
						
						
							
							Fix test for HTTP proxy lesson  
						
						
						
						
					 
					
						2019-07-14 12:39:07 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						2eaf263e81 
					 
					
						
						
							
							Improve task description for HTTP proxy lesson  
						
						
						
						
					 
					
						2019-07-14 12:39:07 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						41f252970b 
					 
					
						
						
							
							corrected path in pom  
						
						
						
						
					 
					
						2019-07-14 12:38:11 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						63a1097466 
					 
					
						
						
							
							owasp categories  
						
						
						
						
					 
					
						2019-07-14 12:38:11 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						bc0d803123 
					 
					
						
						
							
							add login&pwd in JDBC url for PostgreSQL  
						
						... 
						
						
						
						I really don't know why exactly spring parameters are not used here,
probably for schema creation step. Until changing what the application does on startup
this will make it 'just work' without extra changes. 
						
						
					 
					
						2019-07-14 12:29:51 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						12de48ebbb 
					 
					
						
						
							
							additional environment entries to support https on webgoat  
						
						
						
						
					 
					
						2019-07-14 12:18:07 +02:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						62fbd6d340 
					 
					
						
						
							
							Merge pull request  #610  from johannesegger/patch-1  
						
						... 
						
						
						
						Fix typo in CIA lesson 
						
						
					 
					
						2019-07-12 17:21:46 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						e36b4c3910 
					 
					
						
						
							
							Merge pull request  #618  from matthias-g/csrf-3-post  
						
						... 
						
						
						
						Do not allow trivial solution to CSRF-3 
						
						
					 
					
						2019-07-12 17:16:23 -06:00 
						 
				 
			
				
					
						
					 
					
						
						
							
						
						97f66545e0 
					 
					
						
						
							
							In CSRF-3 use POST instead of GET to prevent solving the assignment just by opening the URL in a new tab  
						
						
						
						
					 
					
						2019-07-12 17:25:58 +02:00