5dd6b31905
Adjust lesson template ( #704 )
...
* Remove method `getId()` from all lessons as it defaults to the class name
* remove clean up endpoint
* remove unused class `RequestParameter`
* remove unused class `PluginLoadingFailure`
* Move `CourseConfiguration` to lesson package
* Add more content around the lesson template lesson and make it visible as a lesson in WebGoat
* Remove explicit invocation `trackProgress()` inside WebGoat framework so assignments only need to return an `AttackResult`
* Put original solution back as well for SQL string injection
* review comments
* Add
2019-11-17 13:39:56 +01:00
f40b6ffd31
Moving back to snapshot
2019-11-13 12:27:26 +01:00
fe2ac1b8d4
New release, updating pom.xml
2019-11-12 09:22:45 +01:00
f7b794bf68
Race condition in counting number of attempts #567 ( #697 )
...
Add version to Hibernate mapping so we get optimistic locking this solves
number of parallel calls trying to update/guess and mess with the lesson
counter
2019-11-03 18:14:15 +01:00
1a83e2825e
Code style ( #696 )
...
* Remove Guava dependency from WebGoat
* Add Checkstyle to the project with very basic standards so we have a
style across lessons. It does not interfere with basic Intellij formatting
2019-11-03 18:11:09 +01:00
710adfae20
Upgrade to latest Spring Boot version
2019-10-30 08:28:14 +01:00
9b87fd602c
Explicitly set session persistence to false (result in non serializable exception)
2019-10-30 08:28:14 +01:00
689e3de7a4
Final changes for splitting SQL WebGoat and lessons
2019-10-30 08:28:14 +01:00
25dae3a4a8
Fix merge request
2019-10-30 08:28:14 +01:00
2a6b3d189e
Disable csrf through property no longer works and we already have it in WebSecurityConfig. Thymeleaf templates caching is set on the resolvers themselves
2019-10-30 08:28:14 +01:00
1f00d461a8
cleaned logs and changed username length for csrf-uuid
2019-10-15 13:59:18 +02:00
8d7142e6d3
upgrade ascii doc with support for link in new tab
2019-10-15 13:55:34 +02:00
e0ac4a1083
lessons in correct order and scoreboard visible again ( #680 )
2019-10-10 09:45:43 +02:00
663224d06a
xxe path info ( #670 )
...
* xxe path info aid added
* xxe path info aid added
* changes to template file and hints
* added ssl test support for XXE
* added ssl test support for XXE
* restconfig replaced by httpsrelaxed
* processed review comments on hints and example
2019-10-02 09:59:32 +02:00
0319c477b1
XSS lesson completion fixes ( #669 )
...
* XSS lesson completion fixes
* removed log all
* lesson progress capable of deprecated assignments in the database
* fixed unit test for lesson progress
2019-09-29 14:46:18 +02:00
d080b3ef06
Review comment
2019-09-24 07:36:49 +02:00
35c1305ce9
Merge conflicts resolved
2019-09-23 07:34:27 +02:00
261f947777
Fix
2019-09-20 17:45:33 +02:00
c8ef848657
Fix
2019-09-20 17:36:15 +02:00
6fe5831f11
FIx?
2019-09-20 16:46:26 +02:00
cf00454f8b
Testing issue
2019-09-20 08:30:07 +02:00
e8d086ac9b
All successful
2019-09-20 07:59:04 +02:00
82ad0a7cc7
Finally working
2019-09-18 17:53:43 +02:00
4777dab57a
review comments processed
2019-09-18 17:46:32 +02:00
ec236a4ff5
First steps in XXE integration tests
2019-09-18 14:48:34 +02:00
f774364461
Working unit tests
2019-09-13 20:05:25 +02:00
dceb375d5e
WIP
2019-09-13 18:57:40 +02:00
5e6f825e64
WIP
2019-09-13 16:42:13 +02:00
361249c666
First attempt at moving to Spring Boot 2
2019-09-12 17:22:03 +02:00
2283f945a9
Fix failing configuration
2019-08-25 17:53:36 +02:00
ff530e926e
Use separate project for integration tests so we can start WebGoat and WebWolf
2019-08-25 17:43:14 +02:00
f0d1555a09
Fixed #45 - multiple tracker for one user fixed
2019-08-21 23:38:27 +02:00
e61c943f97
#601 bug: username is case sensitive, but email in general is not
...
Opted for completing remove support for uppercase letters in username
this way we never come across issued with casing in WebGoat
2019-07-28 20:48:20 +02:00
ae674b9297
Merge pull request #620 from zubcevic/july2019-bugfixes
...
increased sql form fields and fixed chrome progress
2019-07-25 08:39:34 +02:00
216b29fca2
Clean up in pom files
2019-07-24 20:37:32 +02:00
ea38973068
UTF-8 config added for ThymeLeaf
2019-07-22 08:21:34 +02:00
f9e78739f3
reverted mandatory file encoding which will make it worse on windows
2019-07-20 09:13:21 +02:00
656fa40182
style sheet and advanced sql
2019-07-19 16:49:30 +02:00
63a1097466
owasp categories
2019-07-14 12:38:11 +02:00
12de48ebbb
additional environment entries to support https on webgoat
2019-07-14 12:18:07 +02:00
98537426f2
SNAPSHOT version
2019-05-03 11:15:11 +02:00
9b0c4e62c2
New release, updating pom.xml
2019-05-03 09:50:01 +02:00
e57c9d05b6
added checkbox and corrected fall back for the other labels
2019-04-21 14:10:01 +02:00
27a61f0f70
Reworked and styled quiz
2019-03-26 08:43:38 +01:00
0915bf3d7f
Changed checkboxes to radio buttons, since it is single choice.
...
Moved css to seperate css file.
Made questions clickable not just the checkbox.
Reworked java code.
Work in Progress...
2019-03-26 08:43:38 +01:00
8b61811278
Added doc to quiz js
2019-03-26 08:43:38 +01:00
b02a01d35e
squash
2019-03-26 08:43:38 +01:00
6d974b5fa8
Fixed lesson sorting issue
2019-03-26 08:43:38 +01:00
4cdd649a5a
Added html mode for code editor
2019-03-26 08:43:38 +01:00
3a7601d348
Moved js files to global directory, added id system to question json
2019-03-26 08:43:38 +01:00
