All geek questions in one place

Extremely strange glitch in Chrome - parses the contents of a string!

Ok - this is the dumbest glitch I've seen after a while:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<script type='text/javascript'>

var data = "</script>";

</script>
</head>
<body>

This should break!

</body>
</html>

This causes syntax errors because the JavaScript parser actually reads the contents of the string. So silly!

How can I put </script>in my code. Is there any way?

Is there a good reason for this behavior?

+3
source share
4 answers

In X (HT) ML (when actually considered as such ), scripts must be escaped as CDATA for this very reason. http://www.w3.org/TR/xhtml1/diffs.html#h-4.8

XHTML script #PCDATA. < & , , &lt; &amp;, XML- < & , script CDATA .

<script type="text/javascript">
<![CDATA[
  ... unescaped script content ...
]]>
</script>

XHTML text/html -, , "" , '</scr' + 'ipt>'.

+5

- , . HTML , </script>, . , :

// escape the / character, changing the format of the "closing" tag
var data = "<\/script>"; 

// break up the string
var data = "</"+"script>";

, HTML \ , , , , <\/script> . , - , ( ).

+2

:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<script type='text/javascript'>
<!--
var data = "</script>";
-->
</script>
</head>
<body>
This should break!
</body>
</html>

, HTML javascript, <!-- --> , .

0

HTML4, script content

ETAGO ( "</" ), ([a-zA-Z])

, JavaScript , ; JavaScript var data = ", , , script.

JavaScript - Andy E:

var data = "<\/script>";

, HTML </, script , \/ / JavaScript, . , JavaScript .

0

Source: https://habr.com/ru/post/1742408/

More articles:


All Articles