XSS with length restriction

The more promising Proof of Concept in case of XSS, in my opinion, is to load external JavaScript from a domain under your control. This post lists ways one can load external JavaScript with as few characters as possible.…