2008-10-08 12:32:33

Uchihanuke
» n00b
FTalk Level: zero
13
0
1969-12-31

Re: [spoiler][b]Do not remove these notices[/b] [quote=eehjhay]Due to Major Forum Clean-up, some old topics related to linkers will be moved to [url=http://theftalk.com/f52-Archives.html]Archive[/u

[quote=bobcbar]Understand, did you see this post from xavier? xavierkym wrote: onerror is actually the old fashion way of catching an error in a webpage caused by some Javascript error. Since onerror can handle a function, it can be used as an XSS Vector just like what we are doing right now. Apparently, most browsers can read this function and it is therefore a cross-browser XSS Vector. onerror can work in img tag, script tag or a tag. Because onerror can handle functions and stuffs like that, we can use createElement to insert a new tag, well in this case a script tag (to load our JS Codes). Actually, we shouldn't be bothered about this. Last edited by xavierkym (2008-09-17 17:24:04)[/quote] now I understand.... thank yeah:lol:

Board footer

© 2024 F Talk

Current time is 04:40

[ 12 queries - 0.091 second ]
Privacy Policy