User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b4) Gecko/20050906 SUSE/1.4.99-1 Firefox/1.4 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8b4) Gecko/20050906 SUSE/1.4.99-1 Firefox/1.4 I have found as part of a website admin screen (that I have used for years with IE, Mozilla, Firefox) that 1.5 beta has an issue where due to invalid html. There is an email address in the form DISPLAYNAME <EMAIL@SOMEWHERE> as text inside the option tag. Firfox 1.5 beta 1 includes text from outside the form tag in the text of the dropdown inside the form. The page is not public so I have created a test file showing the error. Reproducible: Always Steps to Reproduce: 1. This is a display/behaviour problem, so just load the page. Actual Results: The submit button and also text outside the form tag, is included inside the dropdown. The dropdown doesn't work. Expected Results: The use of an email address enclosed in angled brackets inside the <option> tag is not valid HTML, but all other browser fail this by not rendering the resulting offending tag, and still leaving a functional dropdown and submit button.
Created attachment 196526 [details] testcase of invalid text in <option> tag breaking form and following text
See the same on Windows. This is probably all, I guess.
Confirming on Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-US; rv:1.8b4) Gecko/20050913 Firefox/1.4 Not seeing this in Firefox 1.0, so regression. Can't find a duplicate, so confirming.
Regression window is between 2005-03-17-07 and 2005-03-18-07, suggesting one of bug 160095, bug 285250, or bug 284587.
Since this is a regression, and might affect other cases as well, nominating to block 1.8b5.
Created attachment 196572 [details] [diff] [review] Easy fix This is exactly the same problem as bug 287349, we need to exclude kHeadMisc too. I don't think there are any more elements like this.
Damn you guys are good. A late night submission has a patch by my morning. MS can eat your dust.... Keep up the good work, you are making the world a better place, one line at the time.
Comment on attachment 196572 [details] [diff] [review] Easy fix r+sr=jst
Fix checked into trunk.
Comment on attachment 196572 [details] [diff] [review] Easy fix This is a very safe fix (it only affects userdefined tags inside of option tags) that fixes a bug which could cause a page to be swallowed up by a malformed option tag.
Comment on attachment 196572 [details] [diff] [review] Easy fix Approved for 1.8b5 per bug meeting
Fix checked into MOZILLA_1_8_BRANCH. pflodo, thanks for making such a simple testcase. That really helped me come up with the fix for this.