-1

What is the meaning of - before an alert(1) and what is the meaning of // at the end of code?

<script>
                    var searchTerms = '\\'-alert(1)//';
                    document.write('<img src="/resources/images/tracker.gif?searchTerms='+encodeURIComponent(searchTerms)+'">');
                </script>
Zoe
  • 27,060
  • 21
  • 118
  • 148
Samyakt Jain
  • 1

1 Answers1

0

It means to essentially get the negative of the (non-existent) return value of alert(1).

The last part appears to be an empty regex also serving to escape out the final single quote.

Richie Bendall
  • 7,738
  • 4
  • 38
  • 58