Commit 5749fb8

committed

add note about <script> tag

1 parent b4c7f5f commit 5749fb8Copy full SHA for 5749fb8

File tree

+20

-0

lines changed

+20

-0

lines changed

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -21,3 +21,7 @@ If you were truly evil, you could share that URL on social media and when innoce`
`21`	`21`	`You should try copying this URL and opening it into a new tab and confirm that your attack code runs immediately when the page is loaded. This is the power of Reflected XSS!`
`22`	`22`
`23`	`23`	Before you move on to the next exercise, remember to copy your "attack input" (the malicious input string, not the URL) into the `SOLUTIONS.md` file so you can submit it and get credit.
	`24`	`+`
	`25`	`+## Note`
	`26`	`+`
	`27`	+You must use a `<script>` tag in your solution.

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -23,3 +23,7 @@ You should be able to make a small change to your "attack input" from the last e`
`23`	`23`	`<iframe src='http://caloogle.xyz:4020'></iframe>`
`24`	`24`
`25`	`25`	Before you move on to the next exercise, remember to copy your "attack input" (the malicious input string, not the URL) into the `SOLUTIONS.md` file.
	`26`	`+`
	`27`	`+## Note`
	`28`	`+`
	`29`	+You must use a `<script>` tag in your solution.

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
@@ -21,3 +21,7 @@ Can you think of a way to defeat their improved sanitization code and get your `
`21`	`21`	`<iframe src='http://caloogle.xyz:4030'></iframe>`
`22`	`22`
`23`	`23`	Before you move on to the next exercise, remember to copy your "attack input" (the malicious input string, not the URL) into the `SOLUTIONS.md` file.
	`24`	`+`
	`25`	`+## Note`
	`26`	`+`
	`27`	+You must use a `<script>` tag in your solution.

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
@@ -25,3 +25,7 @@ Can you think of a way to defeat their improved sanitization code and get your `
`25`	`25`	`<iframe src='http://caloogle.xyz:4040'></iframe>`
`26`	`26`
`27`	`27`	Before you move on to the next exercise, remember to copy your "attack input" (the malicious input string, not the URL) into the `SOLUTIONS.md` file.
	`28`	`+`
	`29`	`+## Note`
	`30`	`+`
	`31`	+You must use a `<script>` tag in your solution.

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
@@ -23,3 +23,7 @@ Can you think of a way to defeat their improved sanitization code and get your `
`23`	`23`	`<iframe src='http://caloogle.xyz:4050'></iframe>`
`24`	`24`
`25`	`25`	Before you move on to the next exercise, remember to copy your "attack input" into the `SOLUTIONS.md` file.
	`26`	`+`
	`27`	`+## Note`
	`28`	`+`
	`29`	+You must use a `<script>` tag in your solution.

Comments

(0)