Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> How about a <nojs> </nojs> pair in the primary document disabling any kind of javascript execution in the space between the tags.

But wouldn't folks still be able to inject scripts by just writing `</nojs><script>alert('hi')</script><nojs>`?



Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: