Closed Bug 371628 Opened 13 years ago Closed 13 years ago
As of 2
.0 .0 .2, FF not longer executes code injected through the inner HTML property of a document synchronously
Assignee: nobody → general
Component: Extension Compatibility → DOM
OS: Windows XP → All
Product: Firefox → Core
QA Contact: extension.compatibility → ian
Hardware: PC → All
Version: unspecified → 1.8 Branch
This might be the same as bug 371576, but it was also caused by the patch for bug 364692. The reporter has tested that the regression range matches that bug's landing.
tnarik: if you could attach a "minimal extension" that shows the problem, that would be great.
This is a "not minimal" extension tracing the calling order of the innerHTML code and the extension code as alerts.
Not sure about other AJAX controls, but this could be the cause of a problem with the Telerik Web Tree (http://www.telerik.com/). As of the update to 220.127.116.11 expanding tree view nodes causes the tree to collapse to a flat list showing the Text of each node before expanding again.
Alan, where? I've look at the demos here: http://www.telerik.com/demos/aspnet/TreeView/Examples/Overview/DefaultCS.aspx But I don't see any problems with it. Could you file a new bug on the issue that you're seeing? And please mention the bug number here.
Hi Martijn, its a different TreeView control, this one here http://www.telerik.com/demos/aspnet/Controls/Examples/Integration/AspNetAjax/TreeviewBuilder/DefaultCS.aspx?product=treeview Have added a bug report at https://bugzilla.mozilla.org/show_bug.cgi?id=371751 and in the Telerik forums http://www.telerik.com/community/forums/thread/b311D-tcedk.aspx in case the bug is with their control.
It seems that previously assigning browser.contentDocument.body.innerHTML = ""; , delays somehow the execution of code injected such as element.innerHTML="somecode"; browser.contentDocument.body.appendChild(element); Commenting the first line on the Gspace code (srcDoc.body.innerHTML = ""; at gactions.js) seems to fix the problem.
Hmm.. this is weird. Setting .innerHTML should never have executed scripts. A pile of sites broke when we made setting .innerHTML execute scripts so it was explicitly prohibited. Can you attach a testcase that worked in 18.104.22.168?
sicking, they're setting the innerHTML on a <script>. Then appending the script. That's exactly bug 371576, so given lack of evidence to the contrary after a week marking duplicate.
Status: UNCONFIRMED → RESOLVED
Closed: 13 years ago
Resolution: --- → DUPLICATE
Duplicate of bug: 371576
You need to log in before you can comment on or make changes to this bug.