Uploaded image for project: 'ZK'
  1. ZK
  2. ZK-4437

CLONE - Javascript string with </script> escape issue

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Later Later
    • None
    • 6.5.3, 9.0.0
    • ZK Loader
    • None

      Similar to ZK-1836 the error can be reproduced by adding a space after "script"

      <zk>
  If you can see the log with "&lt;/script >", the bug is fixed.
  <script>
    var s = "&lt;/script >";
    zk.log(s);
  </script>
</zk>

      or

      <zk>
  If you can see the log with "&lt;/script >", the bug is fixed.
  <script><![CDATA[
    var s = "</script >";
    zk.log(s);    
  ]]></script>
</zk>

      Assuming other breaking variants exist we should consider using a dedicated encoding/escaping library.

            Unassigned Unassigned
            cor3000 cor3000
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: