I'm trying to insert some HTML into a page using javascript, and the HTML I'm inserting contains CDATA blocks.
I'm finding, in Firefox and Chrome, that the CDATA is getting converted to a ment.
The HTML is not under my control, so it's difficult for me to avoid using CDATA.
The following test case, when there is a div on the page with id "test":
document.getElementById('test').innerHTML = '<![CDATA[foo]]> bar'
causes the following HTML to be appeded to the 'test' div:
<!--[CDATA[foo]]--> bar
Is there any way I can insert, verbatim, HTML containing CDATA into a document using javascript?
I'm trying to insert some HTML into a page using javascript, and the HTML I'm inserting contains CDATA blocks.
I'm finding, in Firefox and Chrome, that the CDATA is getting converted to a ment.
The HTML is not under my control, so it's difficult for me to avoid using CDATA.
The following test case, when there is a div on the page with id "test":
document.getElementById('test').innerHTML = '<![CDATA[foo]]> bar'
causes the following HTML to be appeded to the 'test' div:
<!--[CDATA[foo]]--> bar
Is there any way I can insert, verbatim, HTML containing CDATA into a document using javascript?
Share Improve this question asked Aug 15, 2011 at 13:40 RichRich 15.5k3 gold badges71 silver badges123 bronze badges7 Answers
Reset to default 5document.createCDATASection should do it, but the real answer to your question is that although HTML 5 does have CDATA sections cross-browser support for them is pretty spotty.
EDIT
The CDATA sections just aren't in the HTML 4 definition, so most browsers won't recognize them.
But it doesn't require a full DOM parser. Here's a simple lexical solution that will fix the problem.
function htmlWithCDATASectionsToHtmlWithout(html) {
var ATTRS = "(?:[^>\"\']|\"[^\"]*\"|\'[^\']*\')*",
// names of tags with RCDATA or CDATA content.
SCRIPT = "[sS][cC][rR][iI][pP][tT]",
STYLE = "[sS][tT][yY][lL][eE]",
TEXTAREA = "[tT][eE][xX][tT][aA][rR][eE][aA]",
TITLE = "[tT][iI][tT][lL][eE]",
XMP = "[xX][mM][pP]",
SPECIAL_TAG_NAME = [SCRIPT, STYLE, TEXTAREA, TITLE, XMP].join("|"),
ANY = "[\\s\\S]*?",
AMP = /&/g,
LT = /</g,
GT = />/g;
return html.replace(new RegExp(
// Entities and text
"[^<]+" +
// Comment
"|<!--"+ANY+"-->" +
// Regular tag
"|<\/?(?!"+SPECIAL_TAG_NAME+")[a-zA-Z]"+ATTRS+">" +
// Special tags
"|<\/?"+SCRIPT +"\\b"+ATTRS+">"+ANY+"<\/"+SCRIPT +"\\s*>" +
"|<\/?"+STYLE +"\\b"+ATTRS+">"+ANY+"<\/"+STYLE +"\\s*>" +
"|<\/?"+TEXTAREA+"\\b"+ATTRS+">"+ANY+"<\/"+TEXTAREA+"\\s*>" +
"|<\/?"+TITLE +"\\b"+ATTRS+">"+ANY+"<\/"+TITLE +"\\s*>" +
"|<\/?"+XMP +"\\b"+ATTRS+">"+ANY+"<\/"+XMP +"\\s*>" +
// CDATA section. Content in capturing group 1.
"|<!\\[CDATA\\[("+ANY+")\\]\\]>" +
// A loose less-than
"|<", "g"),
function (token, cdataContent) {
return "string" === typeof cdataContent
? cdataContent.replace(AMP, "&").replace(LT, "<")
.replace(GT, ">")
: token === "<"
? "<" // Normalize loose less-thans.
: token;
});
}
Given
<b>foo</b><![CDATA[<i>bar</i>]]>
it produces
<b>foo</b><i>bar</i>
and given something that looks like a CDATA section inside a script or other special tag or ment, it correctly does not muck with it:
<script>/*<![CDATA[*/foo=bar<baz&//]]></script><![CDATA[fish: <><]]>
bees
<script>/*<![CDATA[*/foo=bar<baz&//]]></script>fish: <><
You could try to use innerText instead of innerHTML.
I would just strip the CDATA tags using a regular expression like so:
document.getElementById('test').innerHTML = '<![CDATA[foo]]> bar'.replace(/<!\[CDATA\[(.*)\]\]>/g, "$1")
Which results in 'test' having:
foo bar
That way the content of the CDATA sections is preserved without one having to worry about any of it being mented out. Unfortunately, this may break whatever required your documents to use CDATA sections to begin with.
convert <, > and & signs like this:
document.getElementById('test').innerHTML = '<![CDATA[foo]]> bar'
That is because CDATA converts < and > (< and >) to their html entities. Try to convert the entities back to < and >.
You can read more about it here.
If you make your page XHTML rather than HTML then the auto-ment "feature" of the CDATA might not happen. You do need to jump through the hoops that XHTML requires, such as a DOCTYPE, and whatever else.
Seems a bit arbitrary, any application that depends on CDATA is broken IMHO, but hopefully you get it working.
I still encountered this problem in 2020 :-(
The slight difference with OP was: I needed to inject XML (not html) into a div.
Applying @Mike Samuel 's answer unfortunately transformed the initial <?xml ... to <?xml ...
I just had to add following clause in the regex: "|<\\?[xX][mM][lL]"+ANY+"\\?>".
Full pleted function for xml:
function xmlWithCDATASectionsToXmlWithout(xml) {
var ATTRS = "(?:[^>\"\']|\"[^\"]*\"|\'[^\']*\')*",
// names of tags with RCDATA or CDATA content.
SCRIPT = "[sS][cC][rR][iI][pP][tT]",
STYLE = "[sS][tT][yY][lL][eE]",
TEXTAREA = "[tT][eE][xX][tT][aA][rR][eE][aA]",
TITLE = "[tT][iI][tT][lL][eE]",
XMP = "[xX][mM][pP]",
SPECIAL_TAG_NAME = [SCRIPT, STYLE, TEXTAREA, TITLE, XMP].join("|"),
ANY = "[\\s\\S]*?",
AMP = /&/g,
LT = /</g,
GT = />/g;
return xml.replace(new RegExp(
// Entities and text
"[^<]+" +
// initial XML TAG
"|<\\?[xX][mM][lL]"+ANY+"\\?>" +
// Comment
"|<!--"+ANY+"-->" +
// Regular tag
"|<\/?(?!"+SPECIAL_TAG_NAME+")[a-zA-Z]"+ATTRS+">" +
// Special tags
"|<\/?"+SCRIPT +"\\b"+ATTRS+">"+ANY+"<\/"+SCRIPT +"\\s*>" +
"|<\/?"+STYLE +"\\b"+ATTRS+">"+ANY+"<\/"+STYLE +"\\s*>" +
"|<\/?"+TEXTAREA+"\\b"+ATTRS+">"+ANY+"<\/"+TEXTAREA+"\\s*>" +
"|<\/?"+TITLE +"\\b"+ATTRS+">"+ANY+"<\/"+TITLE +"\\s*>" +
"|<\/?"+XMP +"\\b"+ATTRS+">"+ANY+"<\/"+XMP +"\\s*>" +
// CDATA section. Content in capturing group 1.
"|<!\\[CDATA\\[("+ANY+")\\]\\]>" +
// A loose less-than
"|<", "g"
),
function (token, cdataContent) {
return "string" === typeof cdataContent
? cdataContent.replace(AMP, "&").replace(LT, "<")
.replace(GT, ">")
: token === "<"
? "<" // Normalize loose less-thans.
: token;
}
);
}