You need to sign in to do that
Don't have an account?
Nuno Matos
Trailhead Simulate a Cross-Site Scripting Attack
Hello,
I'm trying to complete the Simulate a Cross-Site Scripting Attack but I get the error:
Challenge Not yet complete... here's what's wrong:
It doesn't appear that you've successfully simulated a cross-site scripting attack using the Visualforce page. Please try again.
My input is: <a onmouseover = "alert(\'This is an xss attack.\')">xss attack</a>
The org is connected to Trailhead, however, it seems that the Trailhead Tracker isn't installed. Isn't this package usually required to track access the orgs used in Trailhead?
I'm trying to complete the Simulate a Cross-Site Scripting Attack but I get the error:
Challenge Not yet complete... here's what's wrong:
It doesn't appear that you've successfully simulated a cross-site scripting attack using the Visualforce page. Please try again.
My input is: <a onmouseover = "alert(\'This is an xss attack.\')">xss attack</a>
The org is connected to Trailhead, however, it seems that the Trailhead Tracker isn't installed. Isn't this package usually required to track access the orgs used in Trailhead?
I figured it out. Althought my input caused the popup to appear, it seems that for the challenge no spaces could exist:
<a onmouseover="alert(\'XSS Attack\')"> any text</a>
Seems obvious now but the js was executed regardless.
All Answers
I figured it out. Althought my input caused the popup to appear, it seems that for the challenge no spaces could exist:
<a onmouseover="alert(\'XSS Attack\')"> any text</a>
Seems obvious now but the js was executed regardless.
<a onmouseover="alert(\'XSS Attack\')"> any text</a>
Click on Attempt XSS!, click on check Challenge in the Trailhead
I have Sign up For Kingdom Management application dev org.
Connect the dev org to your trailhead account by clicking manage hands on org from your accounts.
Click XSS Basics Challenge tab.
Insert following code in message box and click Attempt XSS! button. any text message will appear below the Attempt Xss! button.
Hover over the cursor on any text message. The pop up will appear as XSS attack.