[whatwg] External document subset support

Kristof Zelechovski giecrilj at stegny.2a.pl
Fri Jun 19 04:06:39 PDT 2009


You can easily include a cross-domain script using a cross-domain DTD; just
attach the malware as 

<!ATTLIST body onload CDATA "{ sniper.shoot(); }" > 

and hope for the worst.

Chris

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090619/e3ea272e/attachment-0002.htm>


More information about the whatwg mailing list