comments (not for humans)
In my previous posts JSONp - What's the risk? and Web2.0 - Who do you trust? I talked about the potential security problems that can occur when adding script tags and/or using jsonp. In this post I will show a couple of demos.
[...]
You may sometimes need to unescape HTML escaped strings in javascript. I found a neat trick to do this using the browser internal escaping.
[...]