Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I have read many question here in the site but didnt got to understand the problem with the parenthesis thing.
eval( '{a:alert(1)}'); //alert 1
but also this alert 1 :
eval( '('+'{a:alert(1)}'+')'); //alert 1
So how does '()' helps me ?
I already know that () makes the code to be read as epxression and not as a statement
but I dont see in my sample how it is gonna help.
Can you please provide a sample ?
Consider:
and
As already mentioned: the second one is a block of code with label so .a simply doesn’t have any sense.