> > http://www-1.ibm.com/support/docview.wss?uid=swg21233077&loc=% > > 22%3E%3Cbody%20onload=alert('FAIL')%20x=%22en_US > > I'm missing the point - if the page is told to alert 'FAIL' and it does, > how is that ironic? The article is about avoiding cross-site scripting, and has become a victim of it (albeit in an innocent way). God, I feel like SUCH a geek now. I laughed my butt off at this, but now I can't share it with anyone! -- sarah adams blog: http://hardedge.ca family: http://geekjock.ca portfolio: http://sarah.designshift.com