This is nasty, I know, but what about: <script src="javascript:return 'window.alert("hello")';"> </script> i.e. the 'javascript:' URI is executed and returns a string, the string returned is then treated as if it were the contents of the <script> element. Nasty though it is, that seems to be more consistent with how the 'javascript:' protocol is handled in 'href'. -- Toby A Inkster <mailto:mail@tobyinkster.co.uk> <http://tobyinkster.co.uk>Received on Monday, 11 August 2008 13:23:41 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Tuesday, 2 June 2009 18:32:38 GMT