W3C home > Mailing lists > Public > www-validator@w3.org > November 2007

Re: Validating html code in <script>

From: David Dorward <david@dorward.me.uk>
Date: Wed, 14 Nov 2007 10:40:28 +0000
Message-Id: <BF3A17B0-1169-4770-B35A-D7571EE3A361@dorward.me.uk>
Cc: www-validator@w3.org
To: Paul Kieffer <paulkieffer@freenet.de>

On 13 Nov 2007, at 03:18, Paul Kieffer wrote:
> One often finds discussion on using <noscript> if the user has  
> javascript disabled. The use of the <script> and <noscript> code is  
> not equal, though, since you can use html code in a <noscript>  
> section, but not in a javascript <script> section.

In HTML, the contents of the script element is passed to the JS  
engine, and is only parsed by the markup parser to find an end tag.  
Due to the way SGML works, any end tag will end the PCDATA section  
and thus the element.

In XHTML, the XML is parsed by an XML parser, and then the JS is  
passed to the JS engine. Any markup inside the script element will  
hit the XML parser and cause problems.

> What about the web page where you want something run only if the  
> visitor has javascript enabled and you don't care to use <noscript>?

1. Use external scripts


2a. Use <\/foo> in strings instead of </foo> as described in the FAQ  
(in HTML)
2b. Use &lt;/foo&gt; in XHTML (but not XHTML served as text/html,  
which I'd avoid anyway)
2c. Use Ian Hixie's crazy (and dubious under Appendix C) XHTML  
compatable, CDATA marker including, HTML 4.01 style 'hide from  
ancient browsers' comment syntax around the inside of the script block.


3. Use DOM methods instead of document.write

I'd generally use 1(for caching) and 3 (for sanity) together.

David Dorward
Received on Wednesday, 14 November 2007 10:41:15 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 14:17:54 UTC