SVG onload event not working if <svg onload=""> is loaded using innerHTML
Categories
(Core :: DOM: Core & HTML, defect, P3)
Tracking
()
People
(Reporter: jmsanchez275, Unassigned, NeedInfo)
References
(Regression)
Details
(Keywords: regression)
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.82 Safari/537.36
Steps to reproduce:
I loaded an SVG using document.body.innerHTML in javascript. All event-handlers of the svg does not work. I tried this with other tags like <img> but they work as intended. I found this issue only in svg
Here is an example code
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Test</title>
</head>
<body>
<script>
document.body.innerHTML = <svg onload="alert()">
</script>
</body>
</html>
Actual results:
alert() won't be triggered here. I tested in other browsers and the alert() gets triggered.
Expected results:
if you change the tag into something like
<img src=x onerror="alert()"> in the innerHTML it works as intended
This works on other browsers
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Test</title>
</head>
<body>
<script>
document.body.innerHTML = `<svg onload=alert()>`
</script>
</body>
</html>
Comment 2•3 years ago
|
||
The Bugbug bot thinks this bug should belong to the 'Core::SVG' component, and is moving the bug to that component. Please revert this change in case you think the bot is wrong.
Comment 3•3 years ago
|
||
Mozregression says this was caused by bug 1646140.
Comment 4•3 years ago
|
||
I'm not sure I'll have time to look at this, pinging hsivonen who should be more familiar with this. (I'm on PTO anyway)
Comment 5•3 years ago
|
||
Setting the regression info per comment #3.
Comment 6•3 years ago
|
||
Set release status flags based on info from the regressing bug 1646140
Updated•3 years ago
|
PinkDraconian elaborates more about this issue in his new video https://www.youtube.com/watch?v=75O_d845cAk
It's not just SVG
, it also affects more tags like input
Updated•3 years ago
|
Comment 8•3 years ago
|
||
(In reply to Echidonut from comment #7)
PinkDraconian elaborates more about this issue in his new video https://www.youtube.com/watch?v=75O_d845cAk
It's not just
SVG
, it also affects more tags likeinput
That's another issue, could you file a new report?
Updated•3 years ago
|
Apart from this being a difference relative to Chrome, does not executing SVG onload
in the innerHTML
context break some legitimate use on a real site?
Updated•3 years ago
|
Updated•2 years ago
|
Comment 10•2 years ago
|
||
The bug has a release status flag that shows some version of Firefox is affected, thus it will be considered confirmed.
Comment 11•2 years ago
|
||
Setting S3/P3 based on the current information that we haven't heard real issues on websites in the wild for now.
Description
•