> For some verifiers, there are multiple correct solutions, is there a specific one that I should write, or any working solution is fine?
Your results will be evaluated against the real platform. Any input that solves the problem should give you the points.
> In question 1e (Verifier 8): I used BurpSuite to intercept the request. Which format should I provide the solution in? In BurpSuite, I have written the solution in normal text and it worked, but in the question it says (URL encoded). Does that mean I should write the solution after encoding it (using encodeURIComponent function for example)?
Yes write the answer URL encoded. The browser and burp do the encoding for you, the server actually receives it URL encoded. This requirement comes from the implementation of the auto-grader in this case.
> The same previous question applies for questions 6 to 10. I can write the solution in the browser URL as normal text and it works, or I can also write it as encoded URL and it also works, which one should I follow?
URL encoding is not required for the grader in this task.
> Final question, In some questions in the second task, I have found a way to trigger the alert function when the user click on a button, in this case, should I write the payload or "secure"?
“Automatic” solutions include clicking on links for the purpose of this task. Thanks for the hint, that was not clear before, I will write an announcement.