In JavaScript created HTML strings are ignored

RESOLVED INVALID

Status

RESOLVED INVALID
14 years ago
14 years ago

People

(Reporter: Josef.Rosenlehner, Unassigned)

Tracking

Trunk
x86
Windows XP

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment, 1 obsolete attachment)

(Reporter)

Description

14 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a4) Gecko/20040927
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a4) Gecko/20040927

If i create HTML via JavaScript as input to an iframe strings within the created
HTML are ignored. In some larger JavaScripts all "strings" were shon as
\"strings\" in the Venkmann Debugger.

In the following example only the class of iframe is recognized but the classes
of body and div created by JavaScript are ignored.

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>Unbenanntes Dokument</title>

<SCRIPT language=JavaScript type=text/javascript>
  function doSomething()
  {
    var html = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">'
	           + '<html><body class="main"><div class="subdivision">some
text</div></body></html>' ;
    subframe.document.write( html ) ;
//    return html  ;
  }
</SCRIPT>

<style type="text/css">
  .main
  {
	background-color: red;
  }
  .subframe
  {
	background-color: yellow;
  }
  .subdivision
  {
	background-color: blue;
  }
</style>

</head>

<body>
  <iframe src="javascript:top.doSomething()" class="subframe" name="subframe">
  </iframe>
</body>
</html>

Reproducible: Always
Steps to Reproduce:
1.load the example in Mozilla 1.8a4
2.
3.
Actual Results:  
You see a yellow iframe with text some text.

Expected Results:  
The iframe should have a blue background.

Comment 1

14 years ago
Invalid JavaScript. top.doSomething()? You are writting IE-specific JavaScript.

2 errors in JS console:
-----------------------------------------------------------------
Error: unterminated string literal
Source File: file:///D:/Setup/a.html
Line: 11, Column: 15
Source Code:
    var html = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-----------------------------------------------------------------
Error: top.doSomething is not a function
Source File: javascript:top.doSomething()
Line: 1
-----------------------------------------------------------------

Please "invalid" this bug...

Comment 2

14 years ago
There is many things wrong with the page:
- escaping forward slashes in a parsable string,
- class and name have the same attribute value (very bad coding practice even if
this does not generate an error),
- frames["subframe"].document.open(), frames["subframe"].document.write(html)
and then frames["subframe"].document.close(). 

"close
    Closes a document stream opened by open() and forces rendering."
http://www.w3.org/TR/DOM-Level-2-HTML/html.html#ID-98948567

Eventually, it would be resolved as INVALID: see bug 196847 among others.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 14 years ago
Resolution: --- → INVALID
And for future reference, don't file random DOM or browser bugs against the
JavaScript Engine.

/be
Component: JavaScript Engine → Browser-General
(Reporter)

Comment 4

14 years ago
What special version of Mozilla you are using??????
>> 2 errors in JS console:
>> -----------------------------------------------------------------
>> Error: unterminated string literal
>> Source File: file:///D:/Setup/a.html
>> Line: 11, Column: 15
>> Source Code:
>>     var html = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
>> -----------------------------------------------------------------
>> Error: top.doSomething is not a function
>> Source File: javascript:top.doSomething()
>> Line: 1
>> -----------------------------------------------------------------

I've used 1.8a4 which gives only one message in the java console:
Security Error: Content at wyciwyg://1/file:///c:/tmp/test.html may not load or
link to file:///c:/tmp/test.html.

This message i don't get always i load the page but every second or third time.
I've crosschecked with FireFox 0.10.1 which shows exact the same behaviour.


>> There is many things wrong with the page:
>> - escaping forward slashes in a parsable string,
>> - class and name have the same attribute value (very bad coding practice even if
>> this does not generate an error),
>> - frames["subframe"].document.open(), frames["subframe"].document.write(html)
>> and then frames["subframe"].document.close(). 

Ok, i know that the example is far away from being perfect. I tried to make the
example short as possible in extremly little time.



>> And for future reference, don't file random DOM or browser bugs against the
>> JavaScript Engine.

Sorry but i have page which works in IE but in Mozilla all formatting is lost
and i see via Ethereal that the following code is send to Mozilla 

function showList(act)
{
var html = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"><html><head><title>Diagnose Puffer -
Liste</title><meta http-equiv="content-type" content="text/html;
charset=UTF-8"><meta http-equiv="cache-control" content="no-cache"><meta
http-equiv="pragma" content="no-cache"><link rel="stylesheet" type="text/css"
href="/stylesheets/simatic.css">'+'</head><body bgcolor="#e9e9fc">'
 + '<table class="tablelist" cellpadding="0" cellspacing="0"><tr
class="listheader"><td>&nbsp;Nr.</td><td class="spacerVertical"
></td><td>&nbsp;Uhrzeit</td><td class="spacerVertical"
></td><td>&nbsp;Datum</td><td class="spacerVertical"
></td><td>&nbsp;Ereignis</td></tr><tr class="spacerHorizontal"><td
colspan="7"></td></tr>' ;
 for ( i = 0 ;  i < 3 ;  i++ )
{
html += '<tr class="listline" bgcolor="#e9e9fc"
onclick="javascript:top.showDetail(this,' + top.i + ')"><td>&nbsp;' + (i+1) +
'</td><td class="spacerVertical" ></td><td>&nbsp;' + Uhrzeit[i] + '</td><td
class="spacerVertical" ></td><td>&nbsp;' + Datum[i] + '</td><td
class="spacerVertical" ></td><td>&nbsp;' + shortText[i] + '</td></tr><tr
class="spacerHorizontal"><td colspan="7"></td></tr>' ;
 }
html += '</table>';
html += '</body></html>' ; return html.replace('\"', '"') ;
 }


but the following code is shown in JavaScript Debugger:

     function showList(act) {
    21         var html = "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01
Transitional//EN\"
\"http://www.w3.org/TR/html4/loose.dtd\"><html><head><title>Diagnosis buffer -
list</title><meta http-equiv=\"content-type\" content=\"text/html;
charset=UTF-8\"><meta http-equiv=\"cache-control\" content=\"no-cache\"><meta
http-equiv=\"pragma\" content=\"no-cache\"><link rel=\"stylesheet\"
type=\"text/css\" href=\"/stylesheets/simatic.css\"></head><body
bgcolor=\"#e9e9fc\"><table class=\"tablelist\" cellpadding=\"0\"
cellspacing=\"0\"><tr class=\"listheader\"><td>&nbsp;No.</td><td
class=\"spacerVertical\" ></td><td>&nbsp;Time</td><td class=\"spacerVertical\"
></td><td>&nbsp;Date</td><td class=\"spacerVertical\"
></td><td>&nbsp;Event</td></tr><tr class=\"spacerHorizontal\"><td
colspan=\"7\"></td></tr>";
    22         for (i = 0; i < 3; i++) {
    23             html += "<tr class=\"listline\" bgcolor=\"#e9e9fc\"
onclick=\"javascript:top.showDetail(this," + top.i + ")\"><td>&nbsp;" + (i + 1)
+ "</td><td class=\"spacerVertical\" ></td><td>&nbsp;" + Uhrzeit[i] + "</td><td
class=\"spacerVertical\" ></td><td>&nbsp;" + Datum[i] + "</td><td
class=\"spacerVertical\" ></td><td>&nbsp;" + shortText[i] + "</td></tr><tr
class=\"spacerHorizontal\"><td colspan=\"7\"></td></tr>";
    24         }
    25         html += "</table>";
    26         html += "</body></html>";
    27         return html.replace("\"", "\"");
    28     }
    29

I'm still wondering about the \" but i when you tell we this is random DOM bug i
have to believe it.



I just tried in a IE focused company to establish Mozilla as an alternate browser.
Maybe this was a fault.
The problem in comment 1 was copying and pasting the code from comment 0.  Note
that that code has linebreaks in places where they probably do not appear in he
original file...  So commenter in comment 1 was just testing the wrong thing. 
Ng Ming Hong, please watch out for this in the future.

Comment 2 I can't make sense of.  Daniel, none of the things you mention there
have anything to do with this bug.  I'm not sure why you brought any of them up.

Comment 3 merely said that this is almost certainly not a bug in the JavaScript
engine, which is true.

Josef, the real problem in the testcase in comment 0 (and the reason this bug in
invalid after all) is that the style is attached to the _parent_ document (the
one the iframe is in), while the HTML is being written to the _child_ document
(the one in the iframe).  Styles from the parent document should not be applying
to HTML elements in the child document.

If you put the style rules in a <style> element that you write to the child
document along with the other HTML, they should work fine.

Comment 6

14 years ago
> Comment 2 I can't make sense of.  Daniel, none of the things you mention there
> have anything to do with this bug.

Well, one needs to escape forward slashes in a string otherwise the validator
will report an error. Strictly speaking, this has something to do with the
quality of submitted chunck of code. Same identifier for class and frame name is
not the best recommendable coding practice; nothing more, nothing else said or
implied.
I concede none of these things specifically had something to do with the bug.

(see following testcase)
To my surprise, 
IframeName.document.write(strDocumentContent)
works while I was under the impression (there is a reason which I can't remember
now) that one always needs (or should always prefer) to write
frames["IframeName"].document.write(strDocumentContent)

document.open() and document.close() are needed in cases where the whole
document will not be re-written entirely. Here, in this bugfile case, open() and
close() are not absolutely needed. Nevertheless, good coding practices suggest
to use close() to make the browser stop the download (progress bar never stops,
ends; download icons never stops). Not including document.close() makes the
download icons always active and the progress bar never stopped, as if the
document was perpetually being rendered.
Mozilla 1.8a5 build 2004102405 under XP Pro SP2 here while using the following
testcase.

I did see "Security Error: Content at wyciwyg://0/file:/// may not load or link
to file:///" with some ways of coding the page which was likely (I guess)
because the parent document domain is different from an about:blank document:
cross-domain scripting access security violation. But I don't see such security
error in Mozilla 1.8a5 build 2004102405.

Boris, you are correct about the css rules (main and subdivision) being attached
to the parent window, not specifically declared in the iframe which was the
source of the problem in this bug.

Comment 7

14 years ago
Created attachment 163282 [details]
Corrected html code submitted by Josef

The html code submitted by the reporter with several modifications and code
improvements.

Comment 8

14 years ago
Created attachment 163285 [details]
Cleaner and corrected html code submitted by Josef

I forgot <\/head> in the previous testcase. Now even the generated html markup
code in the iframe validates.

Updated

14 years ago
Attachment #163282 - Attachment is obsolete: true
(In reply to comment #6)
> Well, one needs to escape forward slashes in a string otherwise the validator
> will report an error.

Frankly, it doesn't matter whether the validator reports an error.

> Strictly speaking, this has something to do with the
> quality of submitted chunck of code.

The quality of the code has little to do with whether there is a Mozilla bug. 
I'm glad you agree.  The point is that putting tons of unrelated text into a bug
makes it very hard for other QA and developers to make sense of what's going on.
   So please, don't do it.
Product: Browser → Seamonkey
You need to log in before you can comment on or make changes to this bug.