diff --git a/webgoat-lessons/cross-site-scripting/src/main/resources/html/CrossSiteScriptingMitigation.html b/webgoat-lessons/cross-site-scripting/src/main/resources/html/CrossSiteScriptingMitigation.html
index 3c579a520..8a3ee060a 100644
--- a/webgoat-lessons/cross-site-scripting/src/main/resources/html/CrossSiteScriptingMitigation.html
+++ b/webgoat-lessons/cross-site-scripting/src/main/resources/html/CrossSiteScriptingMitigation.html
@@ -32,10 +32,10 @@
 		<div class="attack-feedback" style="margin-top: 50px;"></div>
 		<div class="attack-output"></div>
 	</div>
+</div>
 
 <div class="lesson-page-wrapper">
 	<div class="adoc-content" th:replace="doc:CrossSiteScripting_content9.adoc"></div>
 </div>
-</div>
 
 </html>
\ No newline at end of file
diff --git a/webgoat-lessons/cross-site-scripting/src/main/resources/js/assignment3.js b/webgoat-lessons/cross-site-scripting/src/main/resources/js/assignment3.js
index f714a84ed..e8081d367 100644
--- a/webgoat-lessons/cross-site-scripting/src/main/resources/js/assignment3.js
+++ b/webgoat-lessons/cross-site-scripting/src/main/resources/js/assignment3.js
@@ -10,7 +10,8 @@ $(document).ready( () => {
         }, 20);
     });
 
-    editor.setValue("<html>\n" +
+    editor.setValue(
+        "<html>\n" +
         "<head>\n" +
         "    <title>Using GET and POST Method to Read Form Data</title>\n" +
         "</head>\n" +
@@ -31,18 +32,13 @@ $(document).ready( () => {
         "</body>\n" +
         "</html>\n" +
         "\n" +
-        "\n");
+        "\n"
+    );
 
 });
 
-
-
 function ace_collect() {
-    let code = "";
-
-    $(".ace_xml").each(function(i, el) {
-        var to_add = el.innerHTML;
-        code += to_add;
-    });
+    var editor = ace.edit("editor");
+    var code = editor.getValue();
     return code;
 }
\ No newline at end of file