First and second are open for reader guesses. You can contact me at geeksajan@gmail.com.
Hints:
1) These are super powerful features (works both on Thick and Thin clients) that can lead us into amazing results.
2) _svf0 … pretty useful.
Third one is a POC that circumvents URL JavaScript Injection restrictions (if any exists).
