Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
goblin89
on May 30, 2014
|
parent
|
context
|
favorite
| on:
Google's XSS game
The browser smartly won't execute scripts added
through innerHTML
, but it probably should be noted that jquery's html() method will[0]. There's always a way to shoot yourself in the foot. :)
[0]
http://api.jquery.com/html/
Join us for
AI Startup School
this June 16-17 in San Francisco!
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
[0] http://api.jquery.com/html/