From a9e5dd645d678f9505ad4322ec511bb1912159fd Mon Sep 17 00:00:00 2001
From: Jason White <jason.white@owasp.org>
Date: Mon, 22 May 2017 20:10:03 -0400
Subject: [PATCH] comment, clean up

---
 .../java/org/owasp/webgoat/plugin/StoredXssComments.java     | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/StoredXssComments.java b/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/StoredXssComments.java
index 119fabcec..56bfefca1 100644
--- a/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/StoredXssComments.java
+++ b/webgoat-lessons/cross-site-scripting/src/main/java/org/owasp/webgoat/plugin/StoredXssComments.java
@@ -74,10 +74,7 @@ public class StoredXssComments extends AssignmentEndpoint {
     @ResponseBody
     public Collection<Comment> retrieveComments() {
         Collection<Comment> allComments = Lists.newArrayList();
-        Collection<Comment> xmlComments = userComments.get(webSession.getUserName());
-        if (xmlComments != null) {
-            allComments.addAll(xmlComments);
-        }
+        // no filtering applied here at render
         allComments.addAll(comments);
         return allComments;
     }