Want to try the XSS attack on your own? Here’s what to do:

1. Download the zip file called ‘023-widgets-xss.zip’ attached to this lecture and extract it

2. Open a new terminal window and change into the extracted folder

3. Run ‘npm install’ in the folder

4. After the ‘npm install’ is complete, run ‘node index.js’

5. Back in your editor, change the request URL to ‘http://localhost:3001’ and save the file

6. In the browser, search for the letter “t”. That is a special search term that will cause the server to send you an XSS payload