Handle XSS restriction using different domain for user entered javascript
Under normal circumstance we disallow any javascript to be executed from the user entered input as it can lead to cross site scripting (xss) problems. read more
Javascript xss (cross site scripting) – How to prevent
Cross site scripting (XSS) happens when some input on a page (through GET or POST request) is not properly escaped before displaying. If that happens read more
How to bypass cross site scripting (XSS) protection by browsers
Cross site scripting (XSS) protection is handled by many browsers. I was able to test it in Google Chrome and IE (IE 8 and higher). read more