
Did you fix the bug in the tixy.land code where one could inject as much code as wanted via location.hash?

Here is the post from when I discovered it:

https://news.ycombinator.com/item?id=24980221

Edit: no, that still works, here is an example:

https://doersino.github.io/tixyz/?code=eval(%27%2F*%27%2Bpar...



That "bug" has become sort of a feature – the author of tixy.land added support for it a while ago [1], which I also merged into tixyz.

[1]: https://twitter.com/aemkei/status/1325918933375987712


I assume he means the size of the payload remains technically below 32 while the "real" code is larger due to evaluating location.hash. `eval(location.hash.substring(1))` is 32 characters, but the hash itself can be a few kilobytes.

I used this to merge two tixies a while back, and execute an XSS as proof of concept [0].

[0] https://twitter.com/AntoGarand/status/1327101941760086017
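
The gap described in the comment above, shown as an added example that is not part of the thread or of tixy.land's code: a triage helper for shared links that reports what the 32-character limit actually counts against what the snippet can pull in through the URL fragment. The function name, the identifier lists and the sample links are assumptions made for illustration.

```javascript
// Added example: audit a tixy-style share link. Sample links are constructed.
const LIMIT = 32; // character limit mentioned in the thread

// Heuristic identifier lists for triage only; this is not a sandbox.
const DYNAMIC_EVAL = ["eval", "Function", "setTimeout", "setInterval"];
const EXTERNAL_SOURCES = ["location", "document", "window", "name"];

// Collect the bare identifiers used in a snippet.
function identifiers(code) {
  return new Set(code.match(/[A-Za-z_$][\w$]*/g) || []);
}

// Decode the fragment; fall back to the raw text if it is malformed.
function fragmentBody(url) {
  const raw = url.hash.slice(1);
  try {
    return decodeURIComponent(raw);
  } catch (e) {
    return raw;
  }
}

function auditLink(link, limit = LIMIT) {
  const url = new URL(link);
  const code = url.searchParams.get("code") || "";
  const ids = identifiers(code);
  const evalUsed = DYNAMIC_EVAL.filter((n) => ids.has(n));
  const sources = EXTERNAL_SOURCES.filter((n) => ids.has(n));
  // The snippet escapes the limit when it evaluates text it did not contain.
  const escapesLimit = evalUsed.length > 0 && sources.length > 0;
  return {
    countedLength: code.length,          // what the limit measures
    withinLimit: code.length <= limit,
    evalUsed,
    sources,
    escapesLimit,
    uncountedLength: escapesLimit ? fragmentBody(url).length : 0,
  };
}

// Constructed sample: a 32-character loader plus a harmless expression in the hash.
const SAMPLE_HASH = "Math.sin(t-Math.hypot(x-7.5,y-7.5))";
const SAMPLE_LINK =
  "https://example.invalid/?code=eval(location.hash.substring(1))#" + SAMPLE_HASH;
console.log(auditLink(SAMPLE_LINK));
```

A link can pass the length check (`withinLimit: true`) while `escapesLimit` is also true, which is the case a reviewer of shared links would want surfaced.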


Interesting, I thought I had exhausted the list of string modification functions when checking how to work around the hash symbol. That's nicer than my solution by far.



