The curious case of the evt parameter

A long time ago I can't remember exactly when, I discovered you could use a parameter called evt in SVG events. I tweeted about it but I thought I'd write it up since Twitter is no longer what it used to be. Anyway, I discovered this because I was playing with HTML and I decided to alert the contents of the event. It worked like this:

<img src onerror=alert(onerror)>

Which led to the following output:

function onerror(event) {
   alert(onerror)
}

Notice a parameter called event is defined, I suspect this is a workaround to accommodate IE quirks because it has a global window.event, so browsers defined this so it enabled them to make the event local. Moving on, I wondered to myself what the other events look like, so I began messing with the various HTML tags and they all seemed pretty consistent but then I stumbled across SVG events and something looked different. The onload event of a SVG tag had a different parameter:

<svg onload=alert(onload)>

The output:

function onload(evt) {
   alert(onload)
}

Why on earth is this not called event? You all know I like any sort differences as they often lead to bugs. If you have a sandbox you've got to look out for this parameter as it can leak DOM object. For example on Chrome:

<svg onload=evt.composedPath().pop().defaultView.alert(1)>

On Firefox we use the gorgeous explicitOriginalTarget property to get the document object:

<svg onload=evt.explicitOriginalTarget.ownerDocument.defaultView.alert(1)>

There really isn't a conclusion to this and I'm just happy to blog things I find interesting anyway hope you enjoyed it!