I found something very strange. When you place something like this in your html page, the browser (tested on FF and Chrome) just stops rendering the page at this place:
<script type="text/javascript">
// var Crash = "<!--<SCRIPT>";
</script>
Obviously you can also do:
<script type="text/javascript">
var Crash = "<!--<SCRIPT>";
</script>
Or:
<script type="text/javascript">
var Crash = "<!-- WHATEVER YOU WANT HERE <SCRIPT>";
</script>
Any ideas why this happens?
asked Jul 1, 2016 at 11:26 by Simon Siegenthaler
- This is because <!-- is used to comment in HTML but it's never closed so anything after it will be used as a comment. If you add another script tag but use var Crash = "WHATEVER YOU WANT HERE <SCRIPT>-->"; further down the page you will see that ends the comment and anything after that will show in the browser. – NewToJS Commented Jul 1, 2016 at 11:29
- When you just do that, then page still works. Check this out: jsfiddle/7td2nqcp/1 . Keep in mind, browser really stops exactly there with whatever he was doing. So it's really nasty. – Simon Siegenthaler Commented Jul 1, 2016 at 11:31
- I don't think you understand what I'm saying. <!-- will comment out any text/html/data until closed using --> See jsfiddle/7td2nqcp/2 and jsfiddle/7td2nqcp/3 – NewToJS Commented Jul 1, 2016 at 11:34
2
- Interesting one. I'm aware that you can't use the literal string "</script>" inside a script block as the browser parser will see that as the end of the script block. It seems that a combination of the start of a comment and the <script> tag causes issues too. Will need to dig through the specs to find out why. – James Thorpe Commented Jul 1, 2016 at 11:35
- @NewToJS It's not the comment by itself though, or the presence of the <script> tag - it's the combination of both that is triggering some behaviour – James Thorpe Commented Jul 1, 2016 at 11:36
2 Answers
7
TL;DR:
Don't do this - it makes the parser follow some strange rules about double escaping script data, leaving it in the "wrong" state (from your point of view) by the time it gets to </script>. There are ways of escaping things in your script data to ensure it will behave as you want it to, while not breaking the parser.
The parser has a strict set of rules it follows when parsing the page. In this case:
- We start, having seen the opening <script> tag, in the: Script data state.
- In this stage, < triggers: Script data less-than sign state
- then, ! triggers: Script data escape start state
- then, - triggers: Script data escape start dash state
- then, - triggers: Script data escaped dash dash state
- then, < (immediately, or while in the "script data escaped state") triggers: Script data escaped less-than sign state
- then, any a-z or A-Z (ie the "S" in "SCRIPT") get stored in the "temporary buffer", and we move to: Script data double escape start state. We stay in this state until the end of script, then > with the combination of the temporary buffer being equal to "script" triggers: Script data double escaped state
- This just keeps emitting the characters (in your case) until we get to the < of </script>, which triggers: Script data double escaped less-than sign state
- The / in </script> then clears the temporary buffer, and we switch to: Script data double escape end state. This again keeps appending characters to the temporary buffer, until we see the >, at which point the temporary buffer is equal to "script", which triggers us to: Script data escaped state
So we're now in a state where the browser thinks it's still within some escaped script data, rather than the original <script> tag having been closed, so any further HTML is not seen as such - it still thinks it's script data to be handed to the scripting engine rather than processed as HTML.
The reasons for the parser working this way aren't clear, but with the way things have evolved over time, it's probably because of some horrendous backwards compatibility reasons.
In the past, it was common to handle the browsers unaware of the script tag, by adding html comments within the script blocks:
<script language="javascript">
<!--
// code here
//-->
</script>
As you can see the first <!-- is not valid in javascript, but still the browsers have to ignore it in order to be compatible with this old trick.
This seems to trigger a weird behaviour in some browsers when we add a <script>, as you can see in this fiddle: https://jsfiddle/bjeLh5Ln/
So you need either to close the html comment by adding // --> in your script, or put </script> twice.
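
Added example (not part of the original answers): a simplified JavaScript model of the tokenizer walkthrough above that reports which </script really ends a script element, together with an assumed escaping helper for the escaping the first answer mentions. The names scriptEndIndex and toInlineScriptLiteral and the sample strings are constructed for illustration, and the model covers only the script-data states named above.

```javascript
// Simplified model of the script-data modes in the walkthrough above.
const DELIM = '[\\t\\n\\f\\r />]';
const OPEN = new RegExp('^<script' + DELIM, 'i');
const CLOSE = new RegExp('^</script' + DELIM, 'i');

// `body` is the text after an opening <script> tag. Returns the index of the
// </script that really ends the element, or -1 if the parser is still in
// script data at end of input.
function scriptEndIndex(body) {
  let mode = 'data'; // 'data' | 'escaped' | 'doubleEscaped'
  let dashes = 0;    // consecutive '-' just seen while escaped
  for (let i = 0; i < body.length; i++) {
    const rest = body.slice(i, i + 9);
    if (mode === 'data') {
      if (CLOSE.test(rest)) return i;
      if (rest.startsWith('<!--')) { mode = 'escaped'; dashes = 2; i += 3; }
      continue;
    }
    if (mode === 'escaped' && CLOSE.test(rest)) return i;
    if (mode === 'escaped' && OPEN.test(rest)) {
      mode = 'doubleEscaped'; dashes = 0; i += 7; continue;
    }
    if (mode === 'doubleEscaped' && CLOSE.test(rest)) {
      mode = 'escaped'; dashes = 0; i += 8; continue; // swallowed, not an end tag
    }
    const ch = body[i];
    if (ch === '-') dashes = Math.min(2, dashes + 1);
    else if (ch === '>' && dashes === 2) { mode = 'data'; dashes = 0; } // "-->"
    else dashes = 0;
  }
  return -1;
}

// Assumed mitigation (not from the page): emit values with every '<' written
// as \u003c so none of the trigger sequences appears in the markup.
function toInlineScriptLiteral(value) {
  return JSON.stringify(value).replace(/</g, '\\u003c');
}

// Constructed sample inputs.
const TAIL = '\n</script>\n<p>rest of page</p>';
const broken = 'var Crash = "<!--<SCRIPT>";' + TAIL;
const closedComment = 'var Crash = "<!--<SCRIPT>"; // -->' + TAIL;
const escaped = 'var Crash = ' + toInlineScriptLiteral('<!--<SCRIPT>') + ';' + TAIL;
console.log(scriptEndIndex(broken), scriptEndIndex(closedComment), scriptEndIndex(escaped));
```

A result of -1 means the rest of the page would be consumed as script data, which is the "stops rendering" symptom from the question.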