How do I run a script in HTML without a <script> tag?
I'm using WaveMaker's low code development platform right now, and it gives you the ability to customize the "markup" of the page (HTML but you can't edit <head>
, it's all weird), Javascript of the page, especially with events like onpageload, etc. , page style (CSS) and page variables (JSON). I'm trying to implement a Formstack of a form, but every time the markup section encounters a tag <script>
, it removes everything after the tag ends. This is what the markup page looks like. I contacted support and they seemed to indicate that it was on purpose. Is there a way to make the HTML version of the script included in a string without being told <script>
? PS: I would be able to implement with iFrames, but for some reason iFrames are not working on the iPhone test program even though they are running on a simulator.
source to share
In Avatao Senior the Career the Path have the Career hacking task to which you want to insert malicious JavaScript code, but the & lt; script & gt; filtered by tags (no other tags). Aenadon's answer gave me one solution:
<body onload="your JS here"> </body>
After submitting, I checked the official solution and found that:
<img src="x" onerror=alert('xss')>
source to share