team-alpha/railsgoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,199 Commits 1 Branch 0 Tags
a440caeda118f897575385b6f9a0b7d0d112e73e
Commit Graph

256 Commits

Author SHA1 Message Date
Tom Copeland e8da858e0e Comment out csrf_meta_tags 
Per https://github.com/OWASP/railsgoat/wiki/R4-A8-CSRF this line should
be commented out for the developer to fix (by uncommenting it).
 2017-07-21 09:16:20 -04:00
cktricky 8374026697 Resolves issue #229 2016-04-11 09:03:07 -04:00
cktricky 67069c955f fixing the visit tutorial button, the link is incorrect 2016-03-08 11:05:16 -05:00
Mike McCabe 30da507539 disabling turbolinks for the font links. the style does not seem to be reloaded with turbolinks enabled 2016-01-07 17:03:35 -05:00
cktricky 3d76988741 interesting bug. The piechart code was calling nonexistent code (given the view) which conflated the bug hunting and was irrelevant. The real problem was having datatables paginate twice due to the way the table is loaded. So, unnecessary code removed and resolves #216 2016-01-07 15:19:58 -05:00
Al Snow 59fdb07124 Changed view files to fix Travis build and upgraded mime_types gem. 2015-11-21 17:03:39 -05:00
Al Snow e07b75ac5a Changed 2 view files to fix Travis build and upgraded mime_types gem. 2015-11-21 16:58:28 -05:00
Michael McCabe 1f4b7d53aa minor nit pick, capitalizing certain buttons 2015-11-20 21:24:57 -05:00
cktricky f6f3af918a fixes change show that error messages display and the broken auth tests are not failing. Basically in Rails 4 each error messages name value is no longer a symbol but a string 2015-07-03 12:10:58 -04:00
Al Snow c0b1f68209 Upgraded 7+ gems by rebuilding Gemfile.lock file; Removed blanks at end of lines in layouts file 2015-06-11 09:19:47 -04:00
cktricky 40763588c7 i hate myself for using onclick but, it works 2015-06-09 14:02:31 -04:00
Al Snow 890b77bdaf Upgraded 5 gems by rebuilding Gemfile.lock file 2015-03-28 10:46:52 -04:00
cktricky efe81fb6a6 okay, a lot of changes but this basically gets us out of tutorials being hosted locally 2015-03-25 19:32:12 -04:00
cktricky f8c771a84b Merge branch 'master' of github.com:OWASP/railsgoat into tuts 2015-03-20 18:46:51 -04:00
Al Snow fa3a338838 Merge branch 'master' of https://github.com/OWASP/railsgoat 2015-03-19 16:43:29 -04:00
cktricky 449b599703 cleaned up the view code here for tomorrows thing 2015-03-17 22:12:21 -04:00
Al Snow 9e7eb02cde Merge branch 'master' of https://github.com/OWASP/railsgoat 
Conflicts:
	Gemfile.lock
 2015-02-26 09:13:15 -05:00
Mike McCabe b2c8e6cf8d Merge branch 'master' of github.com:OWASP/railsgoat 2015-02-23 21:30:37 -05:00
Mike McCabe 1eee953f62 adding render vuln 2015-02-23 20:36:53 -05:00
Al Snow ca0526ccc9 Upgraded to Rails 4.0.13; Rebuilt Gemfile.lock file 2015-01-10 09:45:51 -05:00
cktricky e91bf1e776 still working on content 2015-01-09 11:36:35 -05:00
cktricky 50a9fee280 still experimenting with the flow 2015-01-07 09:34:53 -05:00
cktricky 09ba2b3270 going to dynamically load the tutorial page depending on the route folks decide to take 2015-01-06 19:43:23 -05:00
cktricky c1e5a8684a changing the home page 2015-01-06 17:59:06 -05:00
cktricky 0242907ce6 starting from scratch on how to get started 2015-01-06 16:55:16 -05:00
cktricky c39b0c35fd resolves issue #180 2015-01-06 13:14:53 -05:00
Al Snow feb51d077c Add changes 2014-12-28 17:05:46 -05:00
Al Snow 87fed3a305 Rebuilt Gemfile.lock file; Fixed Time.now issue 2014-10-28 13:45:12 -04:00
cktricky d6f5d38f77 removing the send tutorial for now 2014-10-23 16:41:54 -05:00
Al Snow 71c994575e Update to railsgoat 2014-10-04 10:41:14 -04:00
cktricky 925ff9b360 Resolves #152 2014-09-26 20:37:11 -04:00
Al Snow 1ea0c2ddbb More Rails 4.0 upgrade changes 
1. Compared existing branch with empty Rails 4.0 project and
    made changes as needed.
 2. Fix find/first warning.
 3. Fix sqlite timeout issue.
    -- config/database.yml
    -- spec/vulnerabilities/insecure_dor_spec.rb
 2014-09-13 13:44:07 -04:00
cktricky 7e38ac845f oops, omitted a couple important features/vulnerabilities 2014-09-11 11:13:15 -04:00
cktricky a50cad0cf3 Resolves #133 2014-09-11 11:11:55 -04:00
cktricky ef2bc20c97 working on the httponly tutorial 2014-09-11 11:01:56 -04:00
Mike McCabe 4f2bfc1a8f fixing tutorial it should be != to match code not == 2014-08-22 19:44:35 -04:00
cktricky 61c5981cb7 Merge branch 'pr-145' 2014-08-19 12:33:22 -04:00
cktricky 286e89ea36 removed the tutorial snippet about using Rails 3.2.11 since this is no longer the case; under the insecure components section. Also, changed the partials name to first (from second), and renumbered the collapsable sections. Ran tests, all seems good to go 2014-08-19 12:32:19 -04:00
cktricky a4c68989f0 keeping changes for now 2014-08-04 12:58:17 -04:00
cktricky e2546f4eeb moved the conditional statement out of the primary view and into the layout itself 2014-07-29 18:00:42 -05:00
cktricky 88ed0e2b50 need to create the bar graph version, write up the remaining parts of the tutorial, and ensure it did not break the DOM vuln 2014-07-29 17:56:33 -05:00
cktricky 2baf57780c added a button which will be used for our send vuln 2014-07-28 15:25:41 -04:00
cktricky 04109a2366 working on a new vulnerability 2014-07-28 14:43:14 -04:00
James Espinosa 7e4fad462b Convert file indentation to spaces 2014-07-05 20:17:27 -05:00
James Espinosa 68e6a01743 Clean up trailing and leading whitespace 2014-07-05 19:15:32 -05:00
cktricky e727ff9fd6 added API keys to the tutorial credentials section 2014-06-11 08:08:14 -04:00
cktricky 8595954096 removed alert when an error is thrown 2014-05-26 16:58:26 -04:00
cktricky 1594255251 added coerceToString sot hat hogan functions properly 2014-05-26 13:51:20 -04:00
cktricky 2f5dbb7d82 Merge branch 'metaprogramming' 2014-05-22 15:39:39 -06:00
cktricky 7acc17aea3 everything checks out re: unit tests. Additionally, this closes issue #112 (seriously, are we up to 112 issues already?) 2014-05-22 10:56:29 -06:00