Tags: web warmup 


# Charlotte's Web - Beginner (50 pts)

## Description

> Welcome to the web!
> https://charlotte-tlejfksioa-ul.a.run.app/

## Ideas and observations
1. a website with just a button, clicking on which shows an unhelpful alert()
2. there's an HTML comment ``

## Notes
1. `/src` has the Flask source for the challenge, a simple app with 3 routes:
1. `/` that displays the aforementioned web page
2. `/src` that returns the contents of `app.py`
3. `/super-secret-route-nobody-will-guess` that's only defined for the PUT method that returns the contents of a file called `flag`

## Solution
Commanding `curl -X PUT https://charlotte-tlejfksioa-ul.a.run.app/super-secret-route-nobody-will-guess` will get us the flag:


Original writeup (https://gist.github.com/shinmai/5720d1f0a214d0878cfb530eb975c469#charlottes-web---beginner-50-pts).