Port and correct - CSRF content wrong

Description

Email from Boris Grginčić

I've been looking at WebGoat-6.0.1 a bit and noticed a problem with the introduction description of the lessons: Cross Site Request Forgery (CSRF) and CSRF Prompt By-Pass

In Webgoat 5.4 the following sentences were true, however in 6.0 you changed the menu functionality so they are not correct:
"You can copy the shortcut from the left hand menu by right clicking on the left hand menu and choosing copy shortcut."

All menu links when copied point to: http://host/WebGoat/start.mvc

I guess the new sentence should be along the lines:

"*To get the URL of the current lesson you need a local proxy like OWASP ZAP to intercept the HTTP request. *"

Environment

None

Status

Assignee

BruceM

Reporter

BruceM

Labels

None

Sprint

Fix versions

Priority

Major