Executing JS code @ location.href

R

Ry Nohryb

I'm not sure if this is of any utility, but it seems that you can run
JS code -apparently at the global scope- by doing this:

location.href="javascript: alert(document.body.innerHTML);"

and the page won't be navigated away (as long as the result is ===
undefined). I've tried -evilnessly- to use it to bypass the SOP and
inject some code in an iframe, but it only works in Safari, and only
when the main page's protocol is file://.

I wonder if there's any useful application for this rather ugly thing.
 
D

David Mark

I'm not sure if this is of any utility, but it seems that you can run
JS code -apparently at the global scope- by doing this:

location.href="javascript: alert(document.body.innerHTML);"
Click to expand...

No kidding. You can type it in the browser's address box as well. ;)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

navigator.userAgent required to set location.href in Safari? 2
loading js code with xmlhttp working (but..) 4
SproutCore--over 20000 lines of new code! 49
IE6 memory leak - very fiddly 20
Trouble executing code due to scope restrictions of timeouts/intervals 4
C Python: Running Python code within function scope 1
Sencha Touch--Support 2 browsers in just 228K! 64
code embedded in html file vs .js file reference 4

Members online

No members online now.
Total: 56 (members: 0, guests: 56)
Robots: 466

Forum statistics

Threads
473,995
Messages
2,570,226
Members
46,815
Latest member
treekmostly22

Latest Threads

Top