Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fixes #648: Add the localstorage challenge #716

Merged
merged 30 commits into from
May 5, 2023
Merged

fixes #648: Add the localstorage challenge #716

merged 30 commits into from
May 5, 2023

Conversation

Novice-expert
Copy link
Contributor

@Novice-expert Novice-expert commented Mar 20, 2023
edited by commjoen

What kind of changes does this PR include?

  • Fixes or refactors
  • A new challenge
  • Additional documentation
  • Something else

Description

This PR adds a new challenge i.e challenge 29.

Relations

Closes #648

References

Checklist:

  • All the contributions made are solely the work of me and my co-authors
  • I tested the changes in this PR (if applicable)
  • I added unit tests to ensure my change works (when change in Java or on front-end code)
  • The PR passes pre-commit hooks and automated tests

@Novice-expert
fixes OWASP#648
45dc4d5 
What kind of changes does this PR include?

-   [ ] Fixes or refactors
-   [ ✔] A new challenge
-   [ ] Additional documentation
-   [ ] Something else

Description

This PR adds a new challenge i.e challenge 29.

Relations

Closes  OWASP#648

References

LocalStorage

Checklist:

-   [✔ ] All the contributions made are solely the work of me and my co-authors
-   [ ✔] I tested the changes in this PR (if applicable)
-   [✔ ] I added unit tests to ensure my change works (when change in Java or on front-end code)
-   [✔ ] The PR passes pre-commit hooks and automated tests
commjoen
commjoen requested changes Mar 21, 2023
View reviewed changes
Copy link
Collaborator

@commjoen commjoen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @Novice-expert ! Thank you very much for your first submission for a Challenge in OWASP WrongSecrets! That's a great first step! Please have a look at the feedback and update the PR :).

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge29.java Outdated Show resolved Hide resolved
src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge29.java Outdated Show resolved Hide resolved
src/main/resources/explanations/challenge29.adoc Outdated Show resolved Hide resolved
src/main/resources/explanations/challenge29_hint.adoc Outdated Show resolved Hide resolved
src/main/resources/explanations/challenge29_reason.adoc Outdated Show resolved Hide resolved
src/main/resources/templates/challenge.html Outdated Show resolved Hide resolved
src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge29Test.java Outdated Show resolved Hide resolved
@Novice-expert
Edits PR for challenge 29
1e15057 
separates controller, makes random local storage string
@Novice-expert
Adds swagger notation
f1b2e0a 
re-added missing swagger annotations
@Novice-expert
fixes OWASP#648
360ebba 
Fixes Challenge 29 codebase:

1: Separated controller and Challenge29 code.

2:Random string generation at every successful run of localhost.
commjoen
commjoen requested changes Mar 24, 2023
View reviewed changes
Copy link
Collaborator

@commjoen commjoen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Almost there! Can you move the secret key to its own controller class with challenge29 as its member? And can you update the tests to tests that controller as well?

src/main/java/org/owasp/wrongsecrets/challenges/Challenge.java Outdated Show resolved Hide resolved
src/main/java/org/owasp/wrongsecrets/challenges/ChallengesController.java Outdated Show resolved Hide resolved
@Novice-expert
Adds dedicated rest controller
2fe05b0 
Adds dedicated rest controller for challenge 29
@Novice-expert
Update index.html endpoint for restcontroller
dc17f08 
Update index.html endpoint for restcontroller
@Novice-expert
rectifies PR for issue OWASP#648
814fc66 
dedicated Rest Controller class
commjoen
commjoen requested changes Mar 25, 2023
View reviewed changes
Copy link
Collaborator

@commjoen commjoen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Allrighty! We are almost there! Looks much better than before: minor remarks for now :)

src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge29.java Outdated Show resolved Hide resolved
src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge29.java Outdated Show resolved Hide resolved
src/main/java/org/owasp/wrongsecrets/challenges/docker/Challenge29.java Outdated Show resolved Hide resolved
src/test/java/org/owasp/wrongsecrets/challenges/docker/Challenge29Test.java Outdated Show resolved Hide resolved
src/main/java/org/owasp/wrongsecrets/challenges/ChallengeRestController.java Show resolved Hide resolved
@Novice-expert
Added hidden annotation , modified Challenge29, Modified Challenge29Test
9575f20 
1:- Added hidden annotation so that it doesn't through swapper API generation.

2:- Modified class Challenge29 code as per general and uniform practice.

3:- Consequently, Modified class
Challenge29Test
@Novice-expert
Adds RestController Test.
ffdd3da 
Now the maven builds successfully.
The ChallengeRestControllerTest works fine!
@Novice-expert
Adds ctf handler snippet
7ee3f07 
Adds ctf handler snippet
@Novice-expert
fixes identation
8831969 
fixes identation
@Novice-expert
readds comments in challenge.java
7fde67f 
readds comments in challenge.java
@Novice-expert
Merge branch 'OWASP:master' into challenge29
56e0662
@Novice-expert
fixes checkstyles
0c63d55 
fixes checkstyles
@commjoen commjoen changed the title fixes #648 fixes #648: Add the localstorage challenge Apr 2, 2023
commjoen
commjoen approved these changes Apr 3, 2023
View reviewed changes
Copy link
Collaborator

@commjoen commjoen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks to be a good challenge! @bendehaan can you please check the texts?

@commjoen commjoen self-requested a review April 3, 2023 03:16
@commjoen
Copy link
Collaborator

commjoen commented Apr 3, 2023

Pleave have a look at the test failures... something seems to go wrong..

@Novice-expert
fixes index.html
1b57d57 
fixes index.html to reduce load time
@Novice-expert
updates index.html, fixes indentation
103e22f 
updates index.html, fixes indentation
commjoen
commjoen approved these changes Apr 3, 2023
View reviewed changes
Copy link
Collaborator

@commjoen commjoen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you! Almost there! @bendehaan can you do a text review please :-)?

commjoen and others added 3 commits May 5, 2023 09:09
@commjoen
Merge branch 'master' into challenge29
26ccce5
@commjoen @bendehaan
Update src/main/java/org/owasp/wrongsecrets/challenges/ChallengesCont…
d1e4c4a 
…roller.java

Co-authored-by: Ben de Haan <53901866+bendehaan@users.noreply.github.com>
@commjoen @bendehaan
Update src/main/resources/application.properties
4e181e3 
Co-authored-by: Ben de Haan <53901866+bendehaan@users.noreply.github.com>
@commjoen commjoen merged commit 95596fe into OWASP:master May 5, 2023
13 of 14 checks passed
@commjoen
Copy link
Collaborator

commjoen commented May 5, 2023

Thank you @Novice-expert !

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bendehaan bendehaan bendehaan approved these changes

@commjoen commjoen Awaiting requested review from commjoen commjoen is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

New challenge: save a secret in FrontEnd localStorage in browser
3 participants
@Novice-expert @commjoen @bendehaan