Snippet, a browser handling the script
| var script = document.createElement('script') | |
| script.innerText = 'var s = "</script><script>alert(\'whoops!\')</script>"'; | |
| console.log(script.outerHTML); | |
| >>> <script>var s = "</script><script>alert('whoops!')</script>"</script> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment