This lab demonstrates a cross-site scripting (XSS) vulnerability. We'll show how to upload malicious content to the web server that could harm other users (or the site itself), then how to use Content Security Policy as one way of providing protection against this attack.
To get the most out of this lab, you should be familiar with:
Your web application will boot automatically. Once a link appears in the terminal, visit the provided URL in a new browser tab to view your app.
The following teammates have recently completed this lab: