Solution: XSS Challenges (by yamagata21) – Stage #12

In this lab, many characters are removed (x00 x20 < > " ').

In IE, back quotes (`) are parsed as quotes, so we can use them in place of the filtered quote characters and combine them with an event handler.

``onclick=alert(document.domain)

Then, we click the text box to trigger the event.
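
From the defender's side, the filter fails because it deletes a fixed list of characters instead of encoding the value for the attribute it lands in. The sketch below is an added example, not code from the challenge or from the original post: `stripFilter` is modelled on the character list above, and `encodeAttr`, `survivors` and the sample value are names assumed for illustration.

```javascript
// Added example: deny-list stripping versus attribute output encoding.
// stripFilter is modelled on the character list in this write-up; it is
// not the challenge's actual source.

// Deny-list approach: delete the characters considered dangerous.
function stripFilter(input) {
  return input.replace(/[\x00\x20<>"']/g, "");
}

// Encoding approach for an HTML attribute value: keep every character,
// but emit each non-alphanumeric one as a numeric entity (&#xHH;).
// Nothing the parser could read as a delimiter is written raw.
function encodeAttr(input) {
  return input.replace(/[^A-Za-z0-9]/gu, (c) =>
    "&#x" + c.codePointAt(0).toString(16).toUpperCase() + ";");
}

// Distinct non-alphanumeric characters left in a value, in order of
// first appearance. Useful for auditing what a filter lets through.
function survivors(value) {
  const seen = new Set();
  for (const c of value) {
    if (!/[A-Za-z0-9]/.test(c)) seen.add(c);
  }
  return [...seen].join("");
}

// Sample value: the string shown in this write-up.
const sample = "``onclick=alert(document.domain)";

function report(value) {
  const stripped = stripFilter(value);
  const encoded = encodeAttr(value);
  return {
    stripped,
    strippedSurvivors: survivors(stripped),
    encoded,
    // '&', '#' and ';' are excluded: they are the entity syntax itself.
    encodedSurvivors: survivors(encoded).replace(/[&#;]/g, ""),
  };
}

console.log(report(sample));
```

The stripped value is identical to the input, with the back quote, `=` and parentheses still present, while the encoded value contains no raw punctuation at all.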
