The location hack is an ugly but useful way to interact with the content scope of the page being user scripted. It does this by indirectly evaling strings within that scope.
Percent encoding issue
Sometimes percent-encoding the percent symbol is required. For example,
The above code will cause error because %22 is interpreted as double quotation mark. The workaround is:
See also encodeURI().
The location hack is really handy for passing values to the content scope, or to call functions defined there.
It is not, however, capable of directly reading a variable or value returned from a function.
Furthermore, it is run asynchronously, much like
setTimeout(), so you cannot immediately rely on side effects.
(If you use the location hack to, for example, store a value in the DOM and then attempt to read it, it will only be available at some other later point in time.)