Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This was the injected JS code:

    document.getElementById('name-input').value = document.getElementById('yay').outerHTML; setName(); console.log('yay')
The `<img>` tag I used was wrapped around a `div` element that had the `yay` id. I used `onload` instead of `onerror`, with an image link from Wikipedia.


Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: