Showing posts with label firefox. Show all posts

Wednesday, November 9, 2011

Google eBookstore content extraction


Two months ago I discovered a UI redressing vulnerability in Google eBookstore. It was reported to Google and quickly fixed. A description of the vulnerability follows:

tl;dr: fake captcha on Google eBookstore + how to deal with dynamic line numbers.

Monday, October 11, 2010

Test your skills with this XSS hackme (rev. 2)

XSS is a really nasty beast. It's been around since the 90s and we're still discovering new attack vectors, protection mechanisms and evasion techniques. It's not enough to simply "escape HTML output" (e.g. via htmlspecialchars()) to get rid of it - there are always some tiny details that, when omitted, can cause script injection on your site.

Today I did some research on a lesser-known XSS attack vector and I would like to present a small 'hack me' application - have fun (and read on for details)!