Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Later
Fix Version/s: None
Affects Version/s: 6.5.3, 9.0.0
Component/s: ZK Loader
Labels:
None

Safety specification requirements:
None

Similar to ~~ZK-1836~~ the error can be reproduced by adding a space after "script"

<zk>
  If you can see the log with "&lt;/script >", the bug is fixed.
  <script>
    var s = "&lt;/script >";
    zk.log(s);
  </script>
</zk>

or

<zk>
  If you can see the log with "&lt;/script >", the bug is fixed.
  <script><![CDATA[
    var s = "</script >";
    zk.log(s);    
  ]]></script>
</zk>

Assuming other breaking variants exist we should consider using a dedicated encoding/escaping library.

clones

ZK-1836 Javascript string with </script> escape issue

Closed

Assignee:: Unassigned
Reporter:: cor3000
Votes:: 0 Vote for this issue
Watchers:: 1 Start watching this issue

Created:: 03/Dec/19 7:30 AM
Updated:: 27/Mar/23 1:29 PM