- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Mon, 11 Aug 2008 13:59:21 -0400
- To: Toby A Inkster <tai@g5n.co.uk>
- CC: public-html@w3.org
Toby A Inkster wrote: > This is nasty, I know, but what about: > > <script src="javascript:return 'window.alert("hello")';"> > </script> Other than the misplaced |return| statement, this can certainly be made to work, subject to UA security restrictions. The question is why you'd care to make this work, of course... There is no use case I can think of here. -Boris
Received on Monday, 11 August 2008 18:09:40 UTC