innerHTML
and XHTMLTrying to inject malformed markup:
window.onload = function() {
try {
document.getElementById('r').innerHTML = "<b><i>test</b></i>";
document.getElementById('result').innerHTML = "FAIL: no parse error thrown.";
} catch(e) {
document.getElementById('result').innerHTML = e.code == DOMException.SYNTAX_ERR ? "PASS: <code>DOMException.SYNTAX_ERR</code> thrown." : "FAIL: wrong error thrown.";
}
}
FAIL: script did not run.