Event.prototype.toString=[].join; Event.prototype.length=1; Event.prototype[0]=1; onhashchange=alert; onmessage=alert;
I understand what this does: I was suggesting that instead of waiting for either, you can force onhashchange to happen.
-
-
ah I see yeah true and also an attacker could trigger this with iframes or postMessage too
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
I am assuming this is an exercise in exploiting XSS without ["()'] ?
-
yeah exactly, you can also do this: onerror=alert;throw 1
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.