mukvrm / bodgeit Goto Github PK

View Code? Open in Web Editor NEW

0.0 0.0 0.0 102.71 MB

Automatically exported from code.google.com/p/bodgeit

Java 93.42% JavaScript 6.03% CSS 0.55%

bodgeit's People

Contributors

bodgeit's Issues

Doesnt deploy in Glassfish

Apparently bodgeit doesnt deploy in Glassfish.

Need to investigate why.

Original issue reported on code.google.com by [email protected] on 9 Aug 2012 at 2:36

Score the CSRF issue

Adding products to the basket is vulnerable to CRSF attacks.
Need to find a good way of scoring this - any suggestions welcome.

Original issue reported on code.google.com by [email protected] on 14 Apr 2011 at 2:57

advanced.jsp gives an exception report upon loading

What steps will reproduce the problem?
1. go to bodgeit/advanced.jsp


What is the expected output? What do you see instead?

Not sure but I am guessing not what I get. 

backtrack 5r2

Please provide any additional information below.

When I load the advanced search I get this exception report. 

type Exception report

message

description The server encountered an internal error () that prevented it from 
fulfilling this request.

exception

org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 8 in the generated java file
Only a type can be imported. com.thebodgeitstore.util.AES resolves to a package

An error occurred at line: 48 in the jsp file: /advanced.jsp
AES cannot be resolved to a type
45:     String key = "";
46:     String[] params = {};
47:     if (request.getMethod().equals("POST")){
48:         AES enc = new AES();
49:         try {
50:             key = session.getAttribute("key").toString();
51:         } catch (Exception e){

Original issue reported on code.google.com by [email protected] on 12 Oct 2012 at 1:50

Installation of Bodgeit Unclear

In the installation notes it states:

All you need to do is download and open the zip file, and then extract the war 
file into the webapps directory of your favorite servlet engine. 

Then point your browser at (for example) http://localhost:8080/bodgeit 

Q.  Exactly what do you mean by 'point your browser'?  Are you referring to a 
proxy setting here?

Original issue reported on code.google.com by [email protected] on 30 Jun 2014 at 3:05

Unable to launch app at all due to Exception

What steps will reproduce the problem?
1.Copy the bodgeit.war file into the webapps directory for tomcat 6.0.30
2. Start tomcat
3. go to http://localhost:8080/bodgeit/  but you can see the stack trace as 
soon as Tomcat is started--before you even try and load bodgeit in the browser

What is the expected output? What do you see instead?

Sep 3, 2012 9:07:32 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The Apache Tomcat Native library which allows optimal performance in 
production environments was not found on the java.library.path: C:\Program 
Files\Java\jre6\bin;.;C:\WINDOWS\Sun\Java\bin;C:\WINDOWS\system32;C:\WINDOWS;C:/
Program Files/Java/jre6/bin/client;C:/Program Files/Java/jre6/bin;C:\Program 
Files\PHP\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program 
Files\QuickTime\QTSystem\;D:\Temp\eclipse\plugins\org.apache.ant_1.7.1.v20090120
-1145/bin;C:\Python27;C:\Program Files\MySQL\MySQL Server 5.5\bin
Sep 3, 2012 9:07:32 AM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Sep 3, 2012 9:07:32 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 485 ms
Sep 3, 2012 9:07:32 AM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Sep 3, 2012 9:07:32 AM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.14
Sep 3, 2012 9:07:32 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive bodgeit.war
Sep 3, 2012 9:07:34 AM org.apache.catalina.loader.WebappClassLoader 
validateJarFile
INFO: validateJarFile(D:\Temp\1 Java\Apache 
Group\apache-tomcat-6.0.30\webapps\bodgeit\WEB-INF\lib\servlet-api.jar) - jar 
not loaded. See Servlet Spec 2.3, section 9.7.2. Offending class: 
javax/servlet/Servlet.class
Sep 3, 2012 9:07:36 AM org.apache.catalina.core.StandardContext loadOnStartup
SEVERE: Servlet /bodgeit threw load() exception
org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 239 in the generated java file
The method getJspApplicationContext(ServletContext) is undefined for the type 
JspFactory

Stacktrace:
    at org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:92)
    at org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
    at org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:423)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:308)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:286)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:273)
    at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:566)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:317)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1180)
    at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:981)
    at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4045)
    at org.apache.catalina.core.StandardContext.start(StandardContext.java:4351)
    at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:791)
    at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:771)
    at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:525)
    at org.apache.catalina.startup.HostConfig.deployWAR(HostConfig.java:825)
    at org.apache.catalina.startup.HostConfig.deployWARs(HostConfig.java:714)
    at org.apache.catalina.startup.HostConfig.deployApps(HostConfig.java:490)
    at org.apache.catalina.startup.HostConfig.start(HostConfig.java:1138)
    at org.apache.catalina.startup.HostConfig.lifecycleEvent(HostConfig.java:311)
    at org.apache.catalina.util.LifecycleSupport.fireLifecycleEvent(LifecycleSupport.java:117)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1053)
    at org.apache.catalina.core.StandardHost.start(StandardHost.java:719)
    at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
    at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
    at org.apache.catalina.core.StandardService.start(StandardService.java:516)
    at org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
    at org.apache.catalina.startup.Catalina.start(Catalina.java:566)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    at java.lang.reflect.Method.invoke(Unknown Source)
    at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:288)
    at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:413)
Sep 3, 2012 9:07:36 AM org.apache.tomcat.util.modeler.Registry registerComponent
SEVERE: Null component 
Catalina:type=JspMonitor,name=InitServlet,WebModule=//localhost/bodgeit,J2EEAppl
ication=none,J2EEServer=none
Sep 3, 2012 9:07:36 AM org.apache.catalina.core.ApplicationContext log
INFO: ContextListener: contextInitialized()
Sep 3, 2012 9:07:36 AM org.apache.catalina.core.ApplicationContext log
INFO: SessionListener: contextInitialized()
Sep 3, 2012 9:07:36 AM org.apache.coyote.http11.Http11Protocol start
INFO: Starting Coyote HTTP/1.1 on http-8080
Sep 3, 2012 9:07:36 AM org.apache.jk.common.ChannelSocket init
INFO: JK: ajp13 listening on /0.0.0.0:8009
Sep 3, 2012 9:07:36 AM org.apache.jk.server.JkMain start
INFO: Jk running ID=0 time=0/47  config=null
Sep 3, 2012 9:07:36 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 3954 ms
Sep 3, 2012 9:08:25 AM org.apache.catalina.core.StandardWrapperValve invoke
SEVERE: Servlet.service() for servlet jsp threw exception
org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 53 in the generated java file
The method getJspApplicationContext(ServletContext) is undefined for the type 
JspFactory

Stacktrace:
    at org.apache.jasper.compiler.DefaultErrorHandler.javacError(DefaultErrorHandler.java:92)
    at org.apache.jasper.compiler.ErrorDispatcher.javacError(ErrorDispatcher.java:330)
    at org.apache.jasper.compiler.JDTCompiler.generateClass(JDTCompiler.java:423)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:308)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:286)
    at org.apache.jasper.compiler.Compiler.compile(Compiler.java:273)
    at org.apache.jasper.JspCompilationContext.compile(JspCompilationContext.java:566)
    at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:317)
    at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
    at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584)
    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
    at java.lang.Thread.run(Unknown Source)


What version of the product are you using? On what operating system?

1.4 Windows  XP

Please provide any additional information below.

Original issue reported on code.google.com by [email protected] on 3 Sep 2012 at 4:15

search.jsp throws an error

What steps will reproduce the problem?
1.Install Tomcat 7.0.28
2.Load Bodgeit 1.3.0
3.place search.jsp code in the bodgeit store app.

What is the expected output? What do you see instead?
I expect the search page.

org.apache.jasper.JasperException: Unable to compile class for JSP: 

An error occurred at line: 15 in the generated java file
Only a type can be imported. org.apache.commons.lang3.StringEscapeUtils 
resolves to a package

An error occurred at line: 48 in the jsp file: /search.jsp
StringEscapeUtils cannot be resolved
45: <%    
46:     Statement stmt = conn.createStatement();
47:     ResultSet rs = null;
48:         query = StringEscapeUtils.escapeHtml4(query).replaceAll("'", 
"&#39");
49: 
50:     try {
51:                 String sql = "SELECT PRODUCT, DESC, TYPE, TYPEID, PRICE " +

What version of the product are you using? On what operating system?
1.3.0, OSX Lion

Please provide any additional information below.
I think this is related to the fact that search.jsp isn't part of the app WAR 
but I am not sure.

Original issue reported on code.google.com by [email protected] on 25 Jun 2012 at 1:04

Getting "Access someone elses basket" award only seems to work for Guest User

When logged in as some user and tampering with the b_id cookie to see another 
users cart, this seems not to be counted as a passed challenge.

The challenge seems only to be passed (=green ball) when doing to as Guest User.

Original issue reported on code.google.com by [email protected] on 9 Aug 2013 at 8:10

Additional XSS attack not counted as a passed challenge

You can do an XSS attack on the Login form that does not count for any 
challenge result:

1. Go to http://localhost:18080/bodgeit/login.jsp
2. Provide Username [email protected]') --<script>alert("XSS")</script>

Original issue reported on code.google.com by [email protected] on 9 Aug 2013 at 8:08

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.