This lab demonstrates a cross-site scripting (XSS) vulnerability. We'll show how to upload malicious content to the web server that could harm other users (or the site itself), then how to use Content Security Policy as one way of providing protection against this attack.
To get the most out of this lab, you should be familiar with:
Enter the command
boot at the terminal to launch the application, which will give you a link. Copy this URL into a new browser tab to load the web app. Once the app has loaded, click Next to begin the lab.