XSSAuditor enabled for URL checker
Just a quick clarification about the RSXSS exercise: We are crawling these URLs with a Chrome with version < 78.
This means in particular, that the XSSAuditor is still enabled by default.
You do not need to specifically bypass the Auditor(in contrast to the RCXSS exercise), however, you should take this into account when building your payload. Otherwise, you might accidentally trigger the Auditor.