W3C home > Mailing lists > Public > whatwg@whatwg.org > April 2009

[whatwg] Script/parser interaction bug?

From: Ian Hickson <ian@hixie.ch>
Date: Mon, 27 Apr 2009 04:01:12 +0000 (UTC)
Message-ID: <Pine.LNX.4.62.0904270339250.10370@hixie.dreamhostps.com>
On Thu, 12 Feb 2009, Kartikaya Gupta wrote:
>
> Below is an updated annotation including all the script nesting level 
> and parser pause flag changes.
>
> - initially, script nesting level is zero, parser pause flag is false
> - tokenize/treebuild ext7.html until the first closing script tag is found (for the 7a.js script)

http://stakface.com/pub/mango/ext7.html:
<script src="ext7a.js"></script>

> - increment the script nesting level to 1
> - the 7a.js script tag has a src attribute, so it gets set as the pending external script
> - decrement the script nesting level to zero
> - since the script nesting level is zero, set the parser pause flag to false (it was already false)
> - execute the pending external script (7a.js) (this clears the pending external script pointer)

http://stakface.com/pub/mango/ext7a.js:
document.write('<script src=ext7b.js></script>');
document.write('<script type=text/javascript>document.write("<div 
id=r>FAIL</div>");');
document.write('document.getElementById("r").firstChild.data="PASS";');
var r = document.getElementById('r');
if (r != null) {
    r.parentNode.removeChild(r);
}
document.write('</script>');

> --- insert "<script src=ext7b.js></script>" into the input stream
> --- tokenize/treebuild the 7b.js script tag until the </script> for 7b.js is found
> --- increment the script nesting level to 1
> --- the 7b.js script tag has a src attribute, so it gets set as the pending external script
> --- decrement the script nesting level to zero
> --- since the script nesting level is zero, set the parser pause flag to false (it was already false)
> --- there is a pending external script (7b.js) but the tree construction stage is re-entrant, so set parser pause flag to true and return
> --- insert remaining document.write content from 7a.js into the input stream. since there is a pending external script, none of it gets tokenized/treebuilt
> - 7a.js finishes executing. at this point the script nesting level is zero and the parser pause flag is true
> - check again for a pending external script. there is one, 7b.js
> - execute the pending external script (7b.js) (this clears the pending external script pointer)

http://stakface.com/pub/mango/ext7b.js:
throw 'ignore this exception; it is supposed to be thrown';

> --- throws
> - 7b.js finishes executing. at this point the script nesting level is zero and the parser pause flag is true
> - continue processing the input stream (this now has the contents of the document.write calls from 7a.js, line 2 onwards)
> - tokenize/treebuild the input stream until the </script> at the bottom of 7a.js is encountered
> - increment the script nesting level to 1
> - the script tag does not have a src attribute, so it gets executed
> --- insert the div into the input stream
> --- since the parser pause flag is true the div does NOT get tokenized/treebuilt
> --- run the line that sets .firstChild.data to PASS. since the div isn't in the DOM yet, this throws
> - the script written from 7a.js finishes executing. at this point the script nesting level is 1 and the parser pause flag is true
> - decrement the script nesting level to zero
> - since the script nesting level is zero, set the parser pause flag to false
> - continue processing the input stream (this now contains just the div tag with FAIL inside)
> - tokenize/treebuild the input stream, which adds the FAIL div to the DOM
> - done

Well, on the positive side, I agree with your interpretation of the spec.

It seems the problem is that when the pending external script is executed, 
the pause flag isn't set to false afterwards. I've put the 
increment/decrement steps around that too, so that the flag becomes false 
earlier. This seems to fix the testcase here. Does that work for you?

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Sunday, 26 April 2009 21:01:12 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:11 UTC