- From: Kristof Zelechovski <giecrilj@stegny.2a.pl>
- Date: Fri, 19 Jun 2009 13:06:39 +0200
You can easily include a cross-domain script using a cross-domain DTD; just
attach the malware as
<!ATTLIST body onload CDATA "{ sniper.shoot(); }" >
and hope for the worst.
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090619/e3ea272e/attachment.htm>
Received on Friday, 19 June 2009 04:06:39 UTC