dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Commit Graph

  • 263ce31db3 Merge pull request #224 from WebGoat/feature/137 Nanne 2016-04-08 18:27:21 +02:00
  • 407a5a810b Merge pull request #220 from WebGoat/feature/169 Nanne 2016-04-08 18:27:12 +02:00
  • 46b24d72c9 Merge pull request #212 from nbaars/develop Nanne 2016-04-08 18:27:00 +02:00
  • 0401779f58 Fix broken test Daniel Kvist 2016-03-31 23:06:16 +02:00
  • 7758947711 Load welcome.mvc instead of start.mvc when navigating home on the log, fixes #218 Daniel Kvist 2016-03-31 23:02:54 +02:00
  • 58ae7f3727 Move loading of developer controls so they do not reload every time. Also reload current lesson after reloading labels. Ref webgoat/webgoat#93. Daniel Kvist 2016-03-31 22:56:17 +02:00
  • 2be4248ea3 Add menu toggle to show/hide the controls. Ref webgoat/webgoat#93 Daniel Kvist 2016-03-30 22:38:18 +02:00
  • e6fb74fa55 Implementation of developer controls to reload plugins and set label debugging from the GUI. Ref: webgoat/webgoat#93 Daniel Kvist 2016-03-30 22:07:11 +02:00
  • b06d9ffd81 Admin should also be able to see the solution, source and lesson plan. Nanne Baars 2016-03-29 01:24:07 +02:00
  • a52df28ec6 Merge pull request #223 from WebGoat/features/221 Nanne 2016-03-29 00:25:00 +02:00
  • 042a62624f Fixed the classnames in the wsdd config file (moved to different package) Nanne Baars 2016-03-29 00:17:01 +02:00
  • 015dcbde38 Added image for Github developers documentation about lesson progress implementation. Nanne Baars 2016-03-28 08:38:25 +02:00
  • 60192db921 Renamed everything to 'progress' instead of 'completed' Nanne Baars 2016-03-28 08:37:18 +02:00
  • 765b212032 Merge pull request #219 from muzir/patch-1 Nanne 2016-03-27 17:46:51 +02:00
  • b4cc27c761 Lesson completed message is now within js which makes it possible to show the Congratulation message after the CSRF link has been clicked. Same as marking the lesson complete green checkbox Nanne Baars 2016-03-27 17:46:06 +02:00
  • c11ecef099 Update README.MD erhun 2016-03-25 10:28:07 +02:00
  • 35bd866873 Merge pull request #214 from span/restart-button Nanne 2016-03-19 15:22:41 +01:00
  • 1815494681 Injection Flaws -> Limit Command Injection success to a set of commands and clarify this to the user #179 - Defuse command boolean flag is no longer necessary due to a change in the lesson, removed this flag from the webgoat-container project Nanne Baars 2016-03-19 12:40:28 +01:00
  • 6c92f0629e Fix #213 by changing the id of the restart button to the correct it Daniel Kvist 2016-03-18 21:11:49 +01:00
  • 7a7fb088ad #173 Added the URL for WebGoat to the console output Nanne Baars 2016-03-18 14:38:49 +01:00
  • bc6b040f42 Injection Flaws | XPath Injection date file path issue #184 - Enabled the lesson again because lesson has been fixed Nanne Baars 2016-03-18 13:39:18 +01:00
  • 50c4d9c170 Removed duplicate entry Nanne Baars 2016-03-18 13:17:10 +01:00
  • 8738bb2e46 Merge pull request #210 from nxadm/develop Nanne 2016-03-09 19:07:40 +01:00
  • dc56ff9359 Fix shebang u0097636@kuleuven.be 2016-03-09 15:41:32 +01:00
  • 5d393d1d65 Merge pull request #207 from span/weak-auth-cookie-enable Nanne 2016-02-25 22:07:46 +01:00
  • f5a5335e31 Merge pull request #205 from muzir/develop Nanne 2016-02-25 22:06:24 +01:00
  • a9a7c18592 Enable weak authentication cookie lesson if webgoat/webgoat#181 is not reproducible Daniel Kvist 2016-02-24 15:23:03 +01:00
  • 01636eae10 Merge pull request #203 from span/readme-7.0.1 mayhew64 2016-02-23 09:08:13 -05:00
  • 3d7eb40787 Merge pull request #202 from misfir3/develop mayhew64 2016-02-23 09:07:40 -05:00
  • 25f08ea9b4 -- Remove raw type usage, add type check parameter. -- Remove unused variable and unused imports. muzir 2016-02-23 15:15:47 +02:00
  • 82d4324b67 Update easy run links to package 7.0.1 and update developer references from 7.0-SNAPSHOT to 7.1-SNAPSHOT as noted by @diegochavezcarro in #200 Daniel Kvist 2016-02-20 13:02:05 +01:00
  • 575c940655 #180, clean up Jason White 2016-02-18 21:26:32 -05:00
  • 7c65441c8e #180, better management of show* buttons Jason White 2016-02-18 19:44:12 -05:00
  • daa05dd192 Seems locale should not depend of request's Accept-Language header. Ruslan Boyarsky 2016-02-12 18:26:32 +03:00
  • dbb75980c9 Merge pull request #197 from span/htmlencoder mayhew64 2016-02-12 13:02:41 -05:00
  • 727e4ff56c Merge pull request #196 from span/xss-lab mayhew64 2016-02-12 13:01:31 -05:00
  • d89362226e Merge pull request #193 from nbaars/develop mayhew64 2016-02-12 12:59:36 -05:00
  • 77c4a04d3d Fixes #195 by adding static initialisation of the maps rather then using the constructor Daniel Kvist 2016-02-04 23:27:31 +01:00
  • 59549e3b21 Add stage parameter in the session to keep track of current stage so that we do not reset the stage and recreate the database in the middle of a lesson. To do this a small refactor of WebSession was made which simply extracts some methods from the previously large update method. Ref #176. Daniel Kvist 2016-02-04 23:21:12 +01:00
  • 1d2a612c1f webgoat-container should unpack all the lessons #192 Nanne Baars 2016-02-02 00:42:10 +01:00
  • 724c084abf Updading develop branch pom versions to 7.1-SNAPSHOT Doug Morato 2016-02-01 18:30:53 -05:00
  • f825bead8b The OWASP WebGoat 7.0.1 Release 7.0.1 Doug Morato 2016-02-01 18:09:48 -05:00
  • f5290faaf0 Merge pull request #191 from span/disable-xss-lesson Doug Morato 2016-02-01 16:18:59 -05:00
  • 370c34b7da Disable cross-site scripting lab Daniel Kvist 2016-02-01 21:47:28 +01:00
  • 35e9b36b00 [maven-release-plugin] prepare for next development iteration Doug Morato 2016-02-01 13:57:19 -05:00
  • dcf1995fe8 [maven-release-plugin] prepare release 7.0 Doug Morato 2016-02-01 13:57:16 -05:00
  • 3d3edfa809 Merge pull request #190 from dougmorato/master Doug Morato 2016-02-01 00:03:21 -05:00
  • 9997b61995 Adding OSSRH Repository on Parent Pom Doug Morato 2016-01-31 23:57:49 -05:00
  • 8c97acda8a Merge pull request #189 from dougmorato/master Doug Morato 2016-01-31 23:32:18 -05:00
  • 3bd9d87b42 Setting GPG keyname as WebGoat in Parent Pom Doug Morato 2016-01-31 23:26:59 -05:00
  • 61d8e20b09 Merge pull request #188 from dougmorato/master Doug Morato 2016-01-31 23:27:29 -05:00
  • 6320c2d22d Fixining all the javadoc issues preventing the release Doug Morato 2016-01-31 23:14:50 -05:00
  • 35a39777af Merge pull request #187 from dougmorato/master Doug Morato 2016-01-31 22:38:36 -05:00
  • 6826d0eeba Improving WebGoat Developer Bootstrap Script Doug Morato 2016-01-31 22:36:11 -05:00
  • b937e5936c Merge pull request #185 from mayhew64/master mayhew64 2016-01-30 13:48:42 -05:00
  • 416fda799b issue #147 disabling broken lessons mayhew64 2016-01-30 13:45:26 -05:00
  • f94d8121d0 Merge pull request #172 from misfir3/master Nanne 2016-01-18 15:57:19 +01:00
  • 76fa797857 #167 removing refrences to github.io in code Jason White 2016-01-18 06:42:05 -05:00
  • 8d87830472 Merge pull request #166 from misfir3/master Nanne 2016-01-15 17:38:26 +01:00
  • 07f0cea0a0 #165 cleaning up interim code Jason White 2016-01-14 09:03:43 -05:00
  • b3541231bc #165 provide default and ability to override in lesson Jason White 2016-01-14 09:01:47 -05:00
  • 1a7535e3e2 Merge pull request #164 from dougmorato/master Nanne 2016-01-09 09:35:54 +02:00
  • daed6a648f Remove Coverity Badge from README Doug Morato 2016-01-08 12:59:15 -05:00
  • 241ed0f47a Merge pull request #163 from nbaars/master misfir3 2016-01-08 12:56:50 -05:00
  • e1be080eea Forced browsing lesson does not show success #143 Nanne Baars 2016-01-06 18:47:59 +02:00
  • 2be182f603 Merge pull request #155 from nbaars/master misfir3 2015-12-12 12:26:44 -05:00
  • 23a1f9e38e Removed obsolete classes Nanne Baars 2015-12-08 22:54:11 +01:00
  • 5dfd1c44e9 Moving lesson utilities to common project instead of AbstractLesson Nanne Baars 2015-12-03 22:52:11 +01:00
  • 5bd348f975 Merge pull request #153 from misfir3/master Nanne 2015-12-02 21:34:32 +01:00
  • 539985c59e #45 finally won't see two 'Stored XSS lessons hightlighted Jason White 2015-12-02 15:08:32 -05:00
  • 0628a27b34 clean up Jason White 2015-12-02 15:06:10 -05:00
  • d4af09c72a #133 hiding hint on change of lesson/loesson load Jason White 2015-12-02 14:05:22 -05:00
  • e530be6e3e Update README.MD mayhew64 2015-11-30 08:58:23 -05:00
  • 78a19c9e80 Update README.MD mayhew64 2015-11-30 08:58:04 -05:00
  • eb46123cf2 Merge pull request #152 from mayhew64/master mayhew64 2015-11-30 08:53:03 -05:00
  • 023966fbb1 changed back to compile phase, package phase breaks the war-exec.jar construction mayhew64 2015-11-30 08:51:53 -05:00
  • 511ed91130 Merge pull request #147 from ilatypov/master mayhew64 2015-11-24 19:44:24 -05:00
  • 8284f08413 Merge pull request #149 from aravindc26/master mayhew64 2015-11-20 12:38:06 -05:00
  • 62a4056d9b Fixes typo in README aravindc26 2015-11-20 00:07:04 +05:30
  • 4c4753784d Merge pull request #148 from slavP/eclipseImportFix mayhew64 2015-11-12 16:43:54 -05:00
  • 4c538ee398 #66 Fixing jar plugin lifecycle issue slav pilus 2015-11-12 20:49:51 +00:00
  • ea1d852cda Convert the message number parameter into the MVC route part. Correct the result of the restart lesson button. Ilguiz Latypov 2015-11-07 03:59:12 -05:00
  • de71f2700e Let user-composed (CSRF) attacks send one-request actions, as opposed to the address bar MVC links requesting lessons. The lesson display servlets have javascript that requests data and actions. Ilguiz Latypov 2015-11-07 03:56:34 -05:00
  • 05a1f5dd3a Merge pull request #140 from dougmorato/master Nanne 2015-10-28 19:11:02 +01:00
  • ba20f8d14b Fix javax.mail dependecy and update versions Doug Morato 2015-10-27 22:15:14 -04:00
  • 44b20bfc89 Caching .m2 repository to speed the Travis build Doug Morato 2015-10-27 21:19:12 -04:00
  • 0997c860eb Merge pull request #136 from dougmorato/master Nanne 2015-10-27 19:52:32 +01:00
  • e8e1e904ec Updating dependencies and plugin versions Doug Morato 2015-10-26 18:47:18 -04:00
  • 4a43a5572e Unregister JDBC drivers, Fixes #134 Doug Morato 2015-10-26 18:23:27 -04:00
  • cf84e674b7 Fix typo on pom.xml Doug Morato 2015-10-26 18:18:31 -04:00
  • bdc99f305a Travis build number now available from admin page Doug Morato 2015-10-26 18:18:07 -04:00
  • 10e2b044e9 Merge pull request #132 from nbaars/master Doug Morato 2015-10-26 16:48:50 -04:00
  • 789a57e792 SEVERE: The web application [/WebGoat] appears to have started a thread named [pool-7-thread-5] but has failed to stop it. This is very likely to create a memory leak #124 Nanne Baars 2015-10-26 21:38:30 +01:00
  • 5c3f77d84b Merge pull request #131 from dougmorato/master Doug Morato 2015-10-26 10:48:57 -04:00
  • ff6a9b0295 Do not clean before mvn cobertura and coveralls Doug Morato 2015-10-26 10:48:34 -04:00
  • 44d944bceb Merge pull request #129 from dougmorato/master Doug Morato 2015-10-26 10:09:16 -04:00
  • 91ea844c7f Merge pull request #130 from nbaars/master Doug Morato 2015-10-26 09:59:20 -04:00
  • 94ae466dbd Cannot serialize session attribute #123 Nanne Baars 2015-10-26 07:52:26 +01:00
  • 2803b7cd84 Adding VersionEye Doug Morato 2015-10-26 00:33:04 -04:00
  • 398f918376 Coveralls goal abreviation Doug Morato 2015-10-25 23:21:28 -04:00