Flag 3 has another approach.
You don't need to add that "flag"-Parameter.
You only have to use another way to inject JavaScript in the code but with a script-tag.
For example, I have add an Image and new Image-Tage in an edited page, and add an alert in onclick. Thats solved this 3rd Flag. For you the solution was only the onclick in your button. ;)
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Flag 3 has another approach.
You don't need to add that "flag"-Parameter.
You only have to use another way to inject JavaScript in the code but with a script-tag.
For example, I have add an Image and new Image-Tage in an edited page, and add an alert in onclick. Thats solved this 3rd Flag. For you the solution was only the onclick in your button. ;)