From fda47b3643d0b822153a2a91f7e71f3d6b06305d Mon Sep 17 00:00:00 2001
From: Ken Johnson <cktricky@Kens-MacBook-Pro.local>
Date: Thu, 25 Apr 2013 01:54:10 -0400
Subject: [PATCH] changed a bunch of stuff

---
 app/controllers/tutorials_controller.rb      |  2 +-
 app/views/layouts/tutorial/_sidebar.html.erb |  6 +-
 app/views/tutorials/broken_auth.html.erb     | 62 ++++++++++++++++++
 app/views/tutorials/crypto.html.erb          | 62 ++++++++++++++++++
 app/views/tutorials/csrf.html.erb            | 62 ++++++++++++++++++
 app/views/tutorials/injection.html.erb       | 62 ++++++++++++++++++
 app/views/tutorials/insecure_doa.html.erb    |  7 --
 app/views/tutorials/insecure_dor.html.erb    | 69 ++++++++++++++++++++
 app/views/tutorials/misconfig.html.erb       | 62 ++++++++++++++++++
 app/views/tutorials/xss.html.erb             | 62 ++++++++++++++++++
 config/routes.rb                             |  2 +-
 11 files changed, 446 insertions(+), 12 deletions(-)
 delete mode 100644 app/views/tutorials/insecure_doa.html.erb
 create mode 100644 app/views/tutorials/insecure_dor.html.erb

diff --git a/app/controllers/tutorials_controller.rb b/app/controllers/tutorials_controller.rb
index 10e5583..1e77beb 100755
--- a/app/controllers/tutorials_controller.rb
+++ b/app/controllers/tutorials_controller.rb
@@ -11,7 +11,7 @@ class TutorialsController < ApplicationController
   def broken_auth
   end
   
-  def insecure_doa
+  def insecure_dor
   end
   
   def csrf
diff --git a/app/views/layouts/tutorial/_sidebar.html.erb b/app/views/layouts/tutorial/_sidebar.html.erb
index 586862c..ac7d09f 100755
--- a/app/views/layouts/tutorial/_sidebar.html.erb
+++ b/app/views/layouts/tutorial/_sidebar.html.erb
@@ -24,12 +24,12 @@
         A3 Broken Auth
       <% end %>
     </li>
-    <li id="insecure_doa">
-      <%= link_to insecure_doa_tutorials_path do %>
+    <li id="insecure_dor">
+      <%= link_to insecure_dor_tutorials_path do %>
         <div class="icon">
           <span class="fs1" aria-hidden="true" data-icon="&#xe094;"></span>
         </div>
-        A4 Insecure DOA
+        A4 Insecure DOR
       <% end %>
     </li>
     <li id="csrf">
diff --git a/app/views/tutorials/broken_auth.html.erb b/app/views/tutorials/broken_auth.html.erb
index 51f6acd..d6ebf23 100644
--- a/app/views/tutorials/broken_auth.html.erb
+++ b/app/views/tutorials/broken_auth.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A3 - Broken Authentication and Session Management
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="broken_auth"]').addClass('active');
diff --git a/app/views/tutorials/crypto.html.erb b/app/views/tutorials/crypto.html.erb
index 380b64a..c61d80b 100644
--- a/app/views/tutorials/crypto.html.erb
+++ b/app/views/tutorials/crypto.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A7 - Insecure Cryptographic Storage
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="crypto"]').addClass('active');
diff --git a/app/views/tutorials/csrf.html.erb b/app/views/tutorials/csrf.html.erb
index 80c032c..b88e645 100644
--- a/app/views/tutorials/csrf.html.erb
+++ b/app/views/tutorials/csrf.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A5 - Cross Site Request Forgery (CSRF)
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="csrf"]').addClass('active');
diff --git a/app/views/tutorials/injection.html.erb b/app/views/tutorials/injection.html.erb
index 9430b6d..ab415a4 100644
--- a/app/views/tutorials/injection.html.erb
+++ b/app/views/tutorials/injection.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A1 - SQL Injection
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="injection"]').addClass('active');
diff --git a/app/views/tutorials/insecure_doa.html.erb b/app/views/tutorials/insecure_doa.html.erb
deleted file mode 100644
index 364725c..0000000
--- a/app/views/tutorials/insecure_doa.html.erb
+++ /dev/null
@@ -1,7 +0,0 @@
-<script type="text/javascript">
-function makeActive(){
-	$('li[id="insecure_doa"]').addClass('active');
-};
-
-$(document).ready(makeActive);
-</script>
\ No newline at end of file
diff --git a/app/views/tutorials/insecure_dor.html.erb b/app/views/tutorials/insecure_dor.html.erb
new file mode 100644
index 0000000..73c3ed7
--- /dev/null
+++ b/app/views/tutorials/insecure_dor.html.erb
@@ -0,0 +1,69 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A4 - Insecure Direct Object References
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
+<script type="text/javascript">
+function makeActive(){
+	$('li[id="insecure_dor"]').addClass('active');
+};
+
+$(document).ready(makeActive);
+</script>
\ No newline at end of file
diff --git a/app/views/tutorials/misconfig.html.erb b/app/views/tutorials/misconfig.html.erb
index 5506a60..d7f03c0 100644
--- a/app/views/tutorials/misconfig.html.erb
+++ b/app/views/tutorials/misconfig.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A6 - Security Misconfiguration
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="misconfig"]').addClass('active');
diff --git a/app/views/tutorials/xss.html.erb b/app/views/tutorials/xss.html.erb
index eedb79b..2eba576 100644
--- a/app/views/tutorials/xss.html.erb
+++ b/app/views/tutorials/xss.html.erb
@@ -1,3 +1,65 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12">
+		      <div class="widget">
+		        <div class="widget-header">
+		          <div class="title">
+		            <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A2 - Cross-Site Scripting ("XSS")
+		          </div>
+		        </div>
+		        <div class="widget-body">
+		          <div id="accordion1" class="accordion no-margin">
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-info icon-white">
+		                  </i>
+		                  Description
+		                </a>
+		              </div>
+		              <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-bug icon-white">
+		                  </i>
+		                  Bug
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		            <div class="accordion-group">
+		              <div class="accordion-heading">
+		                <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+		                  <i class="icon-lightning icon-white">
+		                  </i>
+		                  Solution
+		                </a>
+		              </div>
+		              <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+		                <div class="accordion-inner">
+		                  Anim pariatur cliche reprehenderit, enim eiusmod high life accusamus terry richardson ad squid. 3 wolf moon officia aute, non cupidatat skateboard dolor brunch. Food truck quinoa nesciunt laborum eiusmod. Brunch 3 wolf moon tempor
+		                </div>
+		              </div>
+		            </div>
+		          </div>
+		        </div>
+		      </div>
+		    </div>
+		</div>
+	</div>
+</div>
+
 <script type="text/javascript">
 function makeActive(){
 	$('li[id="xss"]').addClass('active');
diff --git a/config/routes.rb b/config/routes.rb
index 4b3cb16..1fbe26a 100755
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -17,7 +17,7 @@ resources :tutorials do
     get "injection"
     get "xss"
     get "broken_auth"
-    get "insecure_doa"
+    get "insecure_dor"
     get "csrf"
     get "misconfig"
     get "crypto"