Unescaped "</script>" in a document.write

RESOLVED INVALID

Status

()

--
minor
RESOLVED INVALID
16 years ago
16 years ago

People

(Reporter: gk4, Assigned: harishd)

Tracking

({testcase})

Trunk
x86
Linux
testcase
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(URL)

Attachments

(1 attachment)

(Reporter)

Description

16 years ago
With Mozilla and Galeon I get the following error, but not with Netscape 4.79.
Error: unterminated string literal
In https://behind-firewall.com/index.html, Line XYZ, 		
document.write("<script language='JavaScript1.2' type='text/javascript'
src='../nonssl/"+spMsg[smCount].split("^")[0]+".js'></script>");

Comment 1

16 years ago
Rhino is a standalone language engine; reassigning to HTML Parser.
Will attach reduced testcase below -
Assignee: nboyd → harishd
Component: Core → Parser
Product: Rhino → Browser
QA Contact: pschwartau → moied

Comment 2

16 years ago
Created attachment 103401 [details]
Reduced HTML testcase

Comment 3

16 years ago
Using Mozilla trunk binary 20021015xx on WinNT. The reduced testcase is:

<script>
 document.write("Before test<br>");
 document.write("<script></script>");
 document.write("<br>After test");
</script>


In Mozilla, this produces the following output in the browser window:

"); document.write("
After test");


And the following error in the JavaScript Console:

Error: unterminated string literal
Source File: http://bugzilla.mozilla.org/attachment.cgi?id=103401&action=view
Line: 4, Column: 16
Source Code: document.write("<script>


The reason is, the HTML parser sees the file before the JS parser does.
What the HTML parser sees is this:

<script>
 document.write("Before test<br>");
 document.write("<script></script>


The moment the HTML parser sees the first end-script tag, it closes
off the first <script> block right there. That leaves this string
dangling:

 document.write("<script>


And that causes the error. As to why Netscape 4.79 doesn' error
on your script, I don't understand. I would think it would do
the same thing. It seems to do the same thing on the testcase -


HTML authors have to "munge" script tags if they appear inside
a document.write(). For example,

                document.write("&lt;/script>")
     instead of document.write("</script>");


So on the face of it, I don't see how the site can work in any 
browser. The intranet site may be serving up different HTML to 
different browser, which may explain why it works in NN4.79.
 n.b. technically all instances of the string "</" within a <script> tag should
be escaped, but we tolerate a lot of it because of the abundance of
document.writing. Unescaped </script>, however, is INVALID...there's no way for
the parser to tell which "</script>" you want to close the script element.
Severity: blocker → minor
Status: NEW → RESOLVED
Last Resolved: 16 years ago
Keywords: testcase
Resolution: --- → INVALID
Summary: Error: unterminated literal error → Unescaped "</script>" in a document.write
(Reporter)

Comment 5

16 years ago
Excellent explanation.  Thanks!
You need to log in before you can comment on or make changes to this bug.