From cabfd25b407ce26bfbfd0abdf2d2595fe7ddba7d Mon Sep 17 00:00:00 2001
From: Wocanilo <25706428+Wocanilo@users.noreply.github.com>
Date: Sat, 30 Nov 2019 19:52:59 +0100
Subject: [PATCH]  MODIFIED convert-json-data-to-html to warn about XSS attacks
 (english) (#37036)

*  MODIFIED convert-json-data-to-html to warn about XSS attacks (english)

* Forgotten newline in convert-json-data-to-html

* Update curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md

Co-Authored-By: Randell Dawson <5313213+RandellDawson@users.noreply.github.com>

* Update curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md

Co-Authored-By: Randell Dawson <5313213+RandellDawson@users.noreply.github.com>

* fix: suggested changes

* fix: added commas
---
 .../json-apis-and-ajax/convert-json-data-to-html.english.md      | 1 +
 1 file changed, 1 insertion(+)

diff --git a/curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md b/curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md
index 410544ec47..cd071e55a5 100644
--- a/curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md
+++ b/curriculum/challenges/english/04-data-visualization/json-apis-and-ajax/convert-json-data-to-html.english.md
@@ -25,6 +25,7 @@ json.forEach(function(val) {
 });
 ```
 
+<strong>Note:</strong> For this challenge, you need to add new HTML elements to the page, so you cannot rely on `textContent`. Instead, you need to use `innerHTML`, which can make a site vulnerable to Cross-site scripting attacks.
 </section>
 
 ## Instructions