Self-Referencing Content - When HTML Becomes Script
From the parlor tricks department:
/* <script src="#"></script> */
alert("It Works");
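If this is parsed in an HTML context, the script tag's src="#" resolves to the document's own URL, so the browser re-includes the same content and interprets it as script. The only catch is that the HTML also needs to parse as valid JavaScript, which is why the tag sits inside a JavaScript comment.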
Interesting, but most likely useless. Anywhere that one could inject this, one could also probably inject arbitrary script.
Tested successfully with Mozilla Firefox, Safari, Opera and Internet Explorer 6 and 7. Opera has a weird quirk of only executing it once; later invocations treat the file as script and display the contents instead of executing. Forcing a refresh of the page causes it to be re-interpreted as HTML though.
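As an added example (not code from the original post), here is a defender-side check for the self-inclusion described above: it scans an HTML response for script tags whose src resolves back to the page's own URL. The function names, the regex-based tag extraction and the example.test URL are assumptions made for illustration.

```javascript
// Added example: flag <script> tags whose src points back at the page itself.
// Assumption: regex extraction is good enough for a quick scan; a production
// scanner would use a real HTML parser.

// Normalise a URL by dropping its fragment, since "#..." never reaches the server.
function stripFragment(u) {
  const url = new URL(u);
  url.hash = "";
  return url.href;
}

// Return every script tag in `html` whose src, resolved against `pageUrl`,
// is the same resource as the page.
function selfReferencingScripts(html, pageUrl) {
  const self = stripFragment(pageUrl);
  const tagRe = /<script\b[^>]*>/gi;
  const srcRe = /\bsrc\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  const hits = [];
  for (const [tag] of html.matchAll(tagRe)) {
    const m = srcRe.exec(tag);
    if (!m) continue; // inline script, no src attribute
    const src = m[1] ?? m[2] ?? m[3];
    let resolved;
    try {
      resolved = stripFragment(new URL(src, pageUrl).href);
    } catch {
      continue; // unparseable src, nothing to compare
    }
    if (resolved === self) hits.push({ tag, src });
  }
  return hits;
}

// Constructed sample inputs: the snippet from this page, plus an ordinary page.
const PAGE_URL = "https://example.test/poc.html"; // hypothetical location
const polyglot = '/* <script src="#"></script> */\nalert("It Works");';
const ordinary =
  '<script src="/js/app.js"></script><script>var x = 1;</script>' +
  "<script src='https://cdn.example.test/lib.js'></script>";

console.log(selfReferencingScripts(polyglot, PAGE_URL)); // one hit, src "#"
console.log(selfReferencingScripts(ordinary, PAGE_URL)); // no hits
```

A relative src that names the file itself (poc.html here) is caught by the same comparison, because both sides are resolved to absolute URLs first.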
And I could swear that I had seen this before, but I can't find any references on the web searching through Google. I'm probably not hitting on the correct keywords. If anybody knows where else this is referenced, send me a link and I'll include it.