You can easily include a cross-domain script using a cross-domain DTD; just attach the malware as
<!ATTLIST body onload CDATA "{ sniper.shoot(); }" >
and hope for the worst.
Chris
You can easily include a cross-domain script using a cross-domain DTD; just attach the malware as
<!ATTLIST body onload CDATA "{ sniper.shoot(); }" >
and hope for the worst.
Chris