Bypass antiXSS filter in Chrome and Safari