I thought this was cool whilst experimenting, I found I could use hex decimal (ooops that’s what I get for posting on Monday morning) entities within a url to combine unicode strings to produce anything. The result is a truly obscure looking javascript, I’ve included a plain text alert to help understand what’s going on, the code basically translates to javascript:x=’eval’ notice how it is possible to assign strings even though entities are used.
Test
Comments 2
You suck!
Posted 31 Dec 2008 at 6:32 am ¶Thanks you suck too!
Posted 31 Dec 2008 at 9:09 am ¶Post a Comment