Closed Bug 175375 Opened 22 years ago Closed 22 years ago

Unescaped "</script>" in a document.write

Categories

(Core :: DOM: HTML Parser, defect)

Product:
Core
Component:
DOM: HTML Parser
Platform:
x86
Linux
Type:
defect
Priority:
Not set
Severity:
minor

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: gk4, Assigned: harishd)

References

(
URL
)

Details

(Keywords: testcase)

Attachments

(1 file)

Reduced HTML testcase
171 bytes, text/html
Details
With Mozilla and Galeon I get the following error, but not with Netscape 4.79. Error: unterminated string literal In https://behind-firewall.com/index.html, Line XYZ, document.write("<script language='JavaScript1.2' type='text/javascript' src='../nonssl/"+spMsg[smCount].split("^")[0]+".js'></script>");
Rhino is a standalone language engine; reassigning to HTML Parser. Will attach reduced testcase below -
Assignee: nboyd → harishd
Component: Core → Parser
Product: Rhino → Browser
QA Contact: pschwartau → moied
Attached file Reduced HTML testcase
Using Mozilla trunk binary 20021015xx on WinNT. The reduced testcase is: <script> document.write("Before test<br>"); document.write("<script></script>"); document.write("<br>After test"); </script> In Mozilla, this produces the following output in the browser window: "); document.write(" After test"); And the following error in the JavaScript Console: Error: unterminated string literal Source File: http://bugzilla.mozilla.org/attachment.cgi?id=103401&action=view Line: 4, Column: 16 Source Code: document.write("<script> The reason is, the HTML parser sees the file before the JS parser does. What the HTML parser sees is this: <script> document.write("Before test<br>"); document.write("<script></script> The moment the HTML parser sees the first end-script tag, it closes off the first <script> block right there. That leaves this string dangling: document.write("<script> And that causes the error. As to why Netscape 4.79 doesn' error on your script, I don't understand. I would think it would do the same thing. It seems to do the same thing on the testcase - HTML authors have to "munge" script tags if they appear inside a document.write(). For example, document.write("&lt;/script>") instead of document.write("</script>"); So on the face of it, I don't see how the site can work in any browser. The intranet site may be serving up different HTML to different browser, which may explain why it works in NN4.79.
n.b. technically all instances of the string "</" within a <script> tag should be escaped, but we tolerate a lot of it because of the abundance of document.writing. Unescaped </script>, however, is INVALID...there's no way for the parser to tell which "</script>" you want to close the script element.
Severity: blocker → minor
Status: NEW → RESOLVED
Closed: 22 years ago
Keywords: testcase
Resolution: --- → INVALID
Summary: Error: unterminated literal error → Unescaped "</script>" in a document.write
Excellent explanation. Thanks!
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: