Exploiting cross-site scripting to steal cookie
var cookie = document.cookie
var changeReq = new XMLHttpRequest();
changeReq.open('post', '/post/comment', true);
But it doesn't seem to work. I'm at a loss at how to test / verify it or how to change it. Could some one please advice?
We don’t provide a mentoring service for the labs. This might be something we consider doing in future along with video based solutions.
The lab can be completed. Keep trying.