Hello Glen, I certainly want to put much more recent packages in a new version of securibench, and that probably will include a recent version of roller.
That being said, I see no problem having a mix of old and new. I'm sure that there are webapps out there that haven't been significantly updated since 2005 and it would be nice if I could analyze them too. In the meantime, any clue about this escapeText? Marc-André Laverdière-Papineau Doctorant - PhD Candidate On 08/01/2014 11:16 AM, Glen Mazza wrote: > Hi Marc-Andre, as far as I can tell that SecuriBench site hasn't been > updated in almost nine years, nearly all of it is probably obsolete. > You should try to find something more recent to work with on the 'Net, > if you can't do better than something from 2005 that would tend to > indicate that your approach to reference baselining is no longer common > today, and that some other approach should be used. > > Anyway, that class below does not exist in modern-day Roller. Your fix > would be to pull out that ancient Roller version and rely on the > remaining non-Roller packages there, or replace it with modern Roller > that you can download from our website. > > Glen > > > On 08/01/2014 10:45 AM, Marc-André Laverdière wrote: >> Hello, >> >> Securibench uses an outdated version of Roller and it looks like >> Tomcat's JspC isn't able to compile it anymore. >> http://suif.stanford.edu/~livshits/securibench/ >> >> This is the error that I'm getting: >> An error occurred at line: 42 in the jsp file: >> /weblog/spellcheck-entry.jsp >> escapeText cannot be resolved to a variable >> 39: >> 40: <table class="rTable" width="90%" border="1"> >> 41: <tr class="rEvenTr"> >> 42: <td class="rTd"><font style='font-size: 14px; >> vertical-align: middle; line-height= 18px; font-family: verdana, >> sans-serif;'><%= escapeText %></font></td> >> 43: </tr> >> 44: </table> >> 45: <br /> >> >> >> I would appreciate your help for a quick fix. I understand that this is >> very very old code, and that few people know about it - and thus not >> really interesting to maintain... But it is important for us security >> folks to have some kind of reference baseline for testing our tools. >> >> Your help is greatly appreciated. >> >> Regards, >> >