Chrome 50.0.2661.94 XSS auditor Bypass (Conditions limited)

I found that when there exsits script after an xss injection like

<img alt="[Injection]" src="x">

and the url scheme is HTTP,for example:

<img alt="[injection]" src="x">
<script>var a=1;</script>

php code is like:

<img alt="<?php echo $_GET['x'];?>" src="x">
var a=1;

we can use


to Bypass chrome xss auditor.(others like ftp:,etc also works)

test Bypass: