- From: Ryosuke Niwa <rniwa@webkit.org>
- Date: Thu, 11 Nov 2010 16:34:59 -0800
Greetings all, I'm working on the WebKit bug 12234 - Using createContextualFragment to insert a <script> does not cause the script to execute<https://bugs.webkit.org/show_bug.cgi?id=12234>. While investigating the issue, the following part of HTML5 spec came to my attention: *10.2.5.7 The "in head" insertion mode<http://www.whatwg.org/specs/web-apps/current-work/#parsing-main-inhead> * ... - *A start tag whose tag name is "script"* 1. If the parser was originally created for the HTML fragment parsing algorithm, then mark the script element as "already started". (fragment case) Since 10.4 Parsing HTML fragments<http://www.whatwg.org/specs/web-apps/current-work/#fragment-case>does not special case the script element, this seem to imply that we never execute scripts inserted by the HTML fragment parsing algorithm. Am I right? To give you more concrete example, should the following markup show the alert or not? <!DOCTYPE html> <html> <script> document.body.innerHTML+="<scr"+"ipt>alert('SUCCESS')</scr"+"ipt>"; </script> </html> Best regards, Ryosuke Niwa Software Engineer Google Inc. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20101111/cb2d0867/attachment.htm>
Received on Thursday, 11 November 2010 16:34:59 UTC