
I couldn't get it to work (with random web pages) in Safari.

Trying to paste it to the URL bar gives the error: "Safari doesn’t allow JavaScript from the Smart Search Field. To allow this, choose “Allow JavaScript from Smart Search Field” from the Develop menu."

But even after enabling that option, it still doesn't work. The JavaScript console shows the errors:

  [Error] Refused to load http://kathack.com/js/kh.js because it does not appear in the script-src directive of the Content Security Policy.
  [Error] Refused to load http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js because it does not appear in the script-src directive of the Content Security Policy.


Content Security Policy is a way for websites to ask the browser to disable certain functionality that the website expects to not need. That website evidently has asked the browser to not run arbitrary third-party (or non-https?) scripts.

Ideally your browser would recognize that you, the human operator, have authority to override the requests of strangers on your own computer. Sadly, the days of your user agent actually acting on your behalf are waning.
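
Added example, not part of the thread: a simplified JavaScript model of how a browser decides whether a script URL is permitted by `script-src`, applied to the two URLs from the console errors above. The policy and page URL are constructed, since the thread does not show the site's actual header; nonces, hashes, ports and paths are not modelled.

```javascript
// Added example: simplified CSP source matching for script loads.
function parsePolicy(header) {
  const directives = new Map();
  for (const part of header.split(';')) {
    const [name, ...sources] = part.trim().toLowerCase().split(/\s+/);
    // A repeated directive is ignored; the first occurrence wins.
    if (name && !directives.has(name)) directives.set(name, sources);
  }
  return directives;
}

// An "http" source also matches the https version of the same URL.
const schemeOk = (wanted, url) =>
  url.protocol === wanted || (wanted === 'http:' && url.protocol === 'https:');

function sourceMatches(src, url, page) {
  if (src === "'self'") return url.origin === page.origin;
  if (src.startsWith("'")) return false; // 'none' and other keywords match no URL
  if (src === '*') return ['http:', 'https:', page.protocol].includes(url.protocol);
  if (/^[a-z][a-z0-9+.-]*:$/.test(src)) return schemeOk(src, url); // e.g. "https:"
  const m = src.match(/^(?:([a-z][a-z0-9+.-]*):\/\/)?([^/:]+)/);
  if (!m) return false;
  const [, scheme, host] = m;
  const hostOk = host.startsWith('*.')
    ? url.hostname.endsWith(host.slice(1)) // "*.example.com" matches subdomains only
    : url.hostname === host;
  // A source written without a scheme inherits the scheme of the page.
  return hostOk && schemeOk(scheme ? scheme + ':' : page.protocol, url);
}

function scriptAllowed(header, scriptUrl, pageUrl) {
  const directives = parsePolicy(header);
  // script-src governs script loads; default-src is the fallback when it is absent.
  const sources = directives.get('script-src') ?? directives.get('default-src');
  if (sources === undefined) return true; // no governing directive, nothing is blocked
  const url = new URL(scriptUrl);
  const page = new URL(pageUrl);
  return sources.some((s) => sourceMatches(s, url, page));
}

// Constructed policy and page URL (assumptions, not the real site's values).
const POLICY = "default-src 'self'; script-src 'self' https://cdn.example.com";
const PAGE = 'https://site.example/article';
const KH = 'http://kathack.com/js/kh.js';
const JQ = 'http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js';
for (const u of [KH, JQ, 'https://cdn.example.com/lib.js']) {
  console.log(scriptAllowed(POLICY, u, PAGE) ? 'allowed' : 'refused', u);
}
```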


To get it to work, I just copied the contents of both the scripts using the command below and ran it in the developer console.

    wget -q -O - http://kathack.com/js/kh.js http://ajax.googleapis.com/ajax/libs/jquery/1.5.1/jquery.min.js | xclip -sel c


Hmm, I ran into the same issue (without the notification) on Chrome and Firefox for Android.


Seems the issue is the request being fired off to get the actual script (XSS concerns?). My guess is that it would work by copying the requested script into the JS URL string, rather than requesting it.



