Merge pull request #13 from TomConner/next

Fix WEB-151 - tolerate missing user cookie attribute in challenge stage2

Author: mayhew64

src/main/java/org/owasp/webgoat/lessons/Challenge2Screen.java

@@ -210,7 +210,12 @@ protected Element doStage2(WebSession s) throws Exception
                 .createStatement(ResultSet.TYPE_SCROLL_INSENSITIVE, ResultSet.CONCUR_READ_ONLY);
 
         // pull the USER_COOKIE from the cookies
-        String cookie = URLDecoder.decode(getCookie(s),"utf-8");
+        String cookie = getCookie(s);
+        if (null == cookie) {
+        	cookie = "";
+        } else {
+        	cookie = URLDecoder.decode(cookie,"utf-8");
+        }
 
         String user = Encoding.base64Decode(cookie);
         String query = "SELECT * FROM user_data WHERE last_name = '" + user + "'";