The test JSP web application should rely on the latest development JavaScript code
forgedhallpass opened this issue · comments
forgedhallpass commented
The OWASP-CSRFGuard\csrfguard-test\csrfguard-test-jsp\src\main\webapp\script\csrfguard.js is duplicated from OWASP-CSRFGuard\csrfguard\src\main\resources\csrfguard.js in the csrfguard-test-jsp test web application.
This is very error prone as the development JavaScript code and the one used in the test module must be constantly synced. This is not the case at the moment, which creates confusion when testing the latest code base.
The duplicated code should be removed and the maven configurations should properly build the test application(s).