W3C home > Mailing lists > Public > www-validator@w3.org > February 2010

Valid use of <embed> in HTML4

From: Leif Halvard Silli <xn--mlform-iua@xn--mlform-iua.no>
Date: Fri, 5 Feb 2010 05:36:08 +0100
To: Tatham Oddie <tatham@oddie.com.au>
Cc: 'Cory S' <veneno-games@hotmail.com>, www-validator@w3.org
Message-ID: <20100205053608636398.a504d30c@xn--mlform-iua.no>
Tatham Oddie, Thu, 4 Feb 2010 22:57:18 +1100:
> To fix the remaining errors, look at using either Flash Satay
> (http://www.alistapart.com/articles/flashsatay) or SWFObject
> (http://code.google.com/p/swfobject/).

Here is a way to insert a foreign element into a HTML4 document in a 
syntactically valid and User Agent compatible way:

<script type=""><!--</><![CDATA[--></script>
<embed src="http://example.org/" ></embed>

Works and validates because:

1. HTML4 sees <script> as ending with the '</>' tag. So, to HTML4
   the <![CDATA[ section lasts until ']]>' on the last line.
2. UAs think that <script> lasts until '</script>'. Thus Web
   browsers do not recognize that there is a <![CDATA[ ]]> section
3. Web browsers will also see '<!--]]>-->' as a comment. Whereas
   HTML4 sees "<!--" as last 4 characters of the CDATA section.

Thanks to David Dorward for helping me to understand how <script> is 
supposed to be parsed, according to HTML4 ... ;-)
leif halvard silli
Received on Friday, 5 February 2010 05:46:22 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 1 March 2016 14:18:00 UTC