Skip to content

Commit 638288b

Browse files
whgojpwhgojp
committed
fix some bugs
1 parent 7cf81bd commit 638288b

File tree

7 files changed

+12
-14
lines changed

7 files changed

+12
-14
lines changed

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -94,6 +94,8 @@ url: jdbc:mysql://localhost:13306/JavaSecLab?characterEncoding=utf8&zeroDateTime
9494
### Docker部署(推荐)
9595
9696
> 条件:已安装docker和docker-compose
97+
>
98+
> docker部署过程中 sql文件没有初始化执行的话(即数据库为空) 需要手动导入下sql文件
9799
98100
```shell
99101
mvn clean package -DskipTests

deploy.sh

Lines changed: 0 additions & 1 deletion
This file was deleted.

src/main/java/top/whgojp/modules/logic/idor/controller/HorizontalController.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,14 +23,14 @@
2323
@Api(value = "HorizontalController", tags = "逻辑漏洞-水平越权")
2424
@Controller
2525
@CrossOrigin(origins = "*")
26-
@RequestMapping("/logic/idor")
26+
@RequestMapping("/logic/idor/horizontal")
2727
public class HorizontalController {
2828
@Autowired
2929
private UserMapper userMapper;
3030

31-
@RequestMapping("/horizontal")
31+
@RequestMapping("")
3232
public String horizontal(){
33-
return "/vul/logic/idor/horizontal";
33+
return "vul/logic/idor/horizontal";
3434
}
3535

3636
@GetMapping("/getUserInfo")

src/main/java/top/whgojp/modules/logic/idor/controller/VerticalController.java

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -19,11 +19,11 @@
1919
@Api(value = "VerticalController", tags = "逻辑漏洞-垂直越权")
2020
@Controller
2121
@CrossOrigin(origins = "*")
22-
@RequestMapping("/logic/idor")
22+
@RequestMapping("/logic/idor/vertical")
2323
public class VerticalController {
24-
@RequestMapping("/vertical")
24+
@RequestMapping("")
2525
public String vertical(){
26-
return "/vul/logic/idor/vertical";
26+
return "vul/logic/idor/vertical";
2727
}
2828

2929
@GetMapping("/vul")

src/main/java/top/whgojp/security/SecurityConfigurer.java

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -99,10 +99,7 @@ protected void configure(HttpSecurity http) throws Exception {
9999
// http.addFilterBefore(jwtRequestFilter, UsernamePasswordAuthenticationFilter.class);
100100

101101
// 如果不需要验证码校验登录 可以注释掉该行
102-
http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class);
103-
104-
// 如果不用验证码,注释这个过滤器即可
105-
// http.addFilterAt(usernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
102+
// http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class);
106103

107104

108105
// 添加session管理器 session失效后跳到登录页

src/main/resources/templates/vul/logic/idor/horizontal.html

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -160,7 +160,7 @@ <h1><span class="iconfont icon-code"> 安全代码</span></h1>
160160

161161

162162
miniTab.listen();
163-
layer.msg("其他漏洞-越权漏洞");
163+
layer.msg("其他漏洞-水平越权");
164164

165165
var cmConfig = {
166166
lineNumbers: true,

src/main/resources/templates/vul/logic/idor/vertical.html

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@
2626
<div class="layui-col-md12" style="margin-top: 10px">
2727
<div class="layui-row layui-col-space15">
2828
<div class="layui-col-md6">
29-
<h1><span class="iconfont icon-bug"> 漏洞环境:水平遍历用户信息</span></h1>
29+
<h1><span class="iconfont icon-bug"> 漏洞环境:垂直越权管理员</span></h1>
3030
<div class="layui-tab layui-tab-brief">
3131
<div class="layui-tab-content">
3232
<div class="layui-tab-item layui-show">
@@ -74,7 +74,7 @@ <h1><span class="iconfont icon-code"> 缺陷代码</span></h1>
7474

7575

7676
miniTab.listen();
77-
layer.msg("其他漏洞-越权漏洞");
77+
layer.msg("其他漏洞-垂直越权");
7878

7979
var cmConfig = {
8080
lineNumbers: true,

0 commit comments

Comments
 (0)