fix: JWT kid/jku lessons (#1949)

* refactor: rewrite hints

Use active voice and fix grammar issues.

* fix: use Thymeleaf `th:action`

* fix: JWT kid/jku lessons

Split the JavaScript into two files they pointed to the same URL

The JWTs are now valid, they parse successfully.

The paths now include `/kid` and `/jku` to make sure the hints match accordingly in the UI. Otherwise `/delete` would pick up both hints from both assignments as the paths overlap.

Closes: #1715

* fix: update to latest pre-commit version

* fix: increase timeouts for server to start during integration tests

src/main/resources/lessons/ssrf/html/SSRF.html

@@ -12,7 +12,7 @@
             <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
             <form class="attack-form" accept-charset="UNKNOWN"
                   method="POST" name="form"
-                  action="SSRF/task1">
+                  th:action="@{/SSRF/task1}">
                 <table>
                     <tr>
                         <td><input type="hidden" id="url1" name="url" value="images/tom.png"/></td>
@@ -34,7 +34,7 @@
             <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
             <form class="attack-form" accept-charset="UNKNOWN"
                   method="POST" name="form"
-                  action="SSRF/task2">
+                  th:action="@{/SSRF/task2}">
                 <table>
                     <tr>
                         <td><input type="hidden" id="url2" name="url" value="images/cat.png"/></td>