fix: rename instructions link

Author: soumyaray

README.md

@@ -16,7 +16,7 @@ Now view at the site at `http://localhost:4567` or whichever port it is on.
 
 ## Play
 
-Look at the running site and open the 'instructions' link to see what kind of text input you could enter to conduct a script injection attack.
+Look at the running site and open the 'hacking instructions' link to see what kind of text input you could enter to conduct a script injection attack.
 
 Search within the code of this project (`*.rb` and `views/*.slim`) for 'XSS' -- you should find comments on how make modifications to prevent XSS attacks.
 

app.rb

@@ -63,7 +63,6 @@
 #     form_action: %w['self'], # valid endpoints for form actions
 #     frame_ancestors: %w['none'], # valid parents that may embed a page using the <frame> and <iframe> elements
 #     object_src: %w['none'],
-#     block_all_mixed_content: true, # see http://www.w3.org/TR/mixed-content/
 
 #     report_uri: %w[/report_csp_violation] # submit CSP violations by POST method
 #   }

views/home.slim

@@ -14,7 +14,7 @@ div class="container"
     = " | "
     a href="/clear" clear all notes
     = " | "
-    a data-toggle="collapse" href="#instructions" aria-expanded="false" aria-controls="instructions" instructions
+    a data-toggle="collapse" href="#instructions" aria-expanded="false" aria-controls="instructions" hacking instructions
 
 div class="container collapse" id="instructions"
   div class="row"
@@ -34,7 +34,7 @@ div class="container collapse" id="instructions"
           = "thief script<SCRIPT>alert('stolen: ' + document.getElementById('board').innerText);</SCRIPT>"
   .row
     .col-sm-12
-      span Enter the following to simulate a cross-site resource forgery (CSRF) attempttextile:
+      span Enter the following to simulate a cross-site resource forgery (CSRF) attempt:
   .row
     .col-sm-1
     .col-sm-11